MEDIUM🇬🇧 English

CVE-2023-28647

CVSS 4.4v3.1pub. 2023-03-30upd. 2024-11-21

Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain access to a users files. It is recommended that the Nextcloud iOS app is upgraded to 4.7.0. There are no known workarounds for this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
  • Nextcloud

    APP
    Nextcloud
    < 4.7.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2019-5454CRITICAL9.8ten sam produkt

SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmf...

CVE-2021-43863HIGH7.5ten sam produkt

The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcl...

CVE-2023-49790MEDIUM4.3ten sam produkt

The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platfor...

CVE-2023-28999MEDIUM6.9ten sam produkt

Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud An...

CVE-2023-28646MEDIUM4.4ten sam produkt

Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from...