CVE-2023-28645
MEDIUMNextcloud richdocuments <8.0.0-beta.1-6.3.2 - Auth Bypass
Title source: llmDescription
Nextcloud richdocuments is a Nextcloud app integrating the office suit Collabora Online. In affected versions the secure view feature of the rich documents app can be bypassed by using unprotected internal API endpoint of the rich documents app. It is recommended that the Nextcloud Office app (richdocuments) is upgraded to 8.0.0-beta.1, 7.0.2 or 6.3.2. Users unable to upgrade may mitigate the issue by taking steps to restrict the ability to download documents. This includes ensuring that the `WOPI configuration` is configured to only serve documents between Nextcloud and Collabora. It is highly recommended to define the list of Collabora server IPs as the allow list within the Office admin settings of Nextcloud.
References (3)
Core 3
Core References
Mitigation, Vendor Advisory x_refsource_confirm
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-95j6-p5cj-5hh5
Patch, Vendor Advisory x_refsource_misc
https://github.com/nextcloud/richdocuments/pull/2604
Product x_refsource_misc
https://docs.nextcloud.com/server/latest/admin_manual/office/configuration.html#wopi-settings
Scores
CVSS v3
5.7
EPSS
0.0020
EPSS Percentile
42.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (1)
nextcloud/richdocuments
6.0.0 - 6.3.2
Published
Mar 31, 2023
Tracked Since
Feb 18, 2026