CVE-2023-48305

Summary

CVE-2023-48305 is a vulnerability found in Nextcloud Server, an open source cloud platform. In versions prior to 25.0.11, 26.0.6, and 27.1.0, when the log level was set to debug, the user_ldap app would log user passwords in plaintext into the log file. If the log file was then leaked or shared, it could result in the exposure of users' passwords. To remediate this issue, Nextcloud Server and Nextcloud Enterprise Server versions 25.0.11, 26.0.6, and 27.1.0 have been patched with a fix. As a temporary workaround, changing the configuration setting `loglevel` to `1` or higher (recommended to be higher than 1 in production environments) can mitigate the risk of password exposure. The potential danger of this vulnerability to an organization is that if an attacker gains access to the log file containing plaintext passwords, they can compromise user accounts and potentially gain unauthorized access to sensitive data stored on Nextcloud Server. This can lead to data breaches, financial losses, reputational damage, and legal consequences for the affected organization. Source: CVE-2023-48305 ([email protected])

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.