CVE-2022-39346

CVSS V2 None CVSS V3 None
Description
Nextcloud server is an open source personal cloud server. Affected versions of nextcloud server did not properly limit user display names which could allow a malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Server is upgraded to 22.2.10, 23.0.7 or 24.0.3. There are no known workarounds for this issue.
Overview
  • CVE ID
  • CVE-2022-39346
  • Assigner
  • security-advisories@github.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-11-25T19:15:11
  • Last Modified Date
  • 2022-12-13T02:24:23
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:nextcloud:nextcloud_enterprise_server:*:*:*:*:*:*:*:* 1 OR 22.2.10
cpe:2.3:a:nextcloud:nextcloud_enterprise_server:*:*:*:*:*:*:*:* 1 OR 23.0.0 23.0.7
cpe:2.3:a:nextcloud:nextcloud_enterprise_server:*:*:*:*:*:*:*:* 1 OR 24.0.0 24.0.3
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:* 1 OR 22.2.10
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:* 1 OR 23.0.0 23.0.7
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:* 1 OR 24.0.0 24.0.3
History
Created Old Value New Value Data Type Notes
2022-11-25 20:00:45 Added to TrackCVE
2022-12-07 18:04:44 2022-11-25T19:15Z 2022-11-25T19:15:11 CVE Published Date updated
2022-12-07 18:04:44 2022-12-01T19:50:41 CVE Modified Date updated
2022-12-07 18:04:45 Analyzed Vulnerability Status updated
2022-12-07 18:04:46 CPE Information updated
2022-12-09 04:22:36 2022-12-09T04:15:09 CVE Modified Date updated
2022-12-09 04:22:36 Analyzed Modified Vulnerability Status updated
2022-12-09 04:22:38 References updated
2022-12-12 18:17:24 Modified Undergoing Analysis Vulnerability Status updated
2022-12-13 03:17:54 2022-12-13T02:24:23 CVE Modified Date updated
2022-12-13 03:17:54 Undergoing Analysis Analyzed Vulnerability Status updated