{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Nextcloud Enterprise Server versions 27.0.x ant\u00e9rieures \u00e0 27.0.1","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Enterprise Server versions 24.0.x ant\u00e9rieures \u00e0 24.0.12.5","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Notes versions ant\u00e9rieures \u00e0 to 4.8.0","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Enterprise Server versions 21.0.x ant\u00e9rieures \u00e0 21.0.9.13","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Enterprise Server versions 23.0.x ant\u00e9rieures \u00e0 23.0.12.9","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Server versions 25.0.x ant\u00e9rieures \u00e0 25.0.9","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Enterprise Server versions 26.0.x ant\u00e9rieures \u00e0 26.0.4","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Enterprise Server versions 22.0.x ant\u00e9rieures \u00e0 22.2.10.14","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Server versions 27.0.x ant\u00e9rieures \u00e0 27.0.1","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Server versions 26.0.x ant\u00e9rieures \u00e0 26.0.4","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Application user_oidc app versions ant\u00e9rieures \u00e0 1.3.3","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Enterprise Server versions 19.0.x ant\u00e9rieures \u00e0 19.0.13.10","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Enterprise Server versions 25.0.x ant\u00e9rieures \u00e0 25.0.9","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Talk Android versions ant\u00e9rieures \u00e0 17.0.0","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Enterprise Server versions 20.0.x ant\u00e9rieures \u00e0 20.0.14.15","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-39962","url":"https://www.cve.org/CVERecord?id=CVE-2023-39962"},{"name":"CVE-2023-39961","url":"https://www.cve.org/CVERecord?id=CVE-2023-39961"},{"name":"CVE-2023-39958","url":"https://www.cve.org/CVERecord?id=CVE-2023-39958"},{"name":"CVE-2023-39963","url":"https://www.cve.org/CVERecord?id=CVE-2023-39963"},{"name":"CVE-2023-39954","url":"https://www.cve.org/CVERecord?id=CVE-2023-39954"},{"name":"CVE-2023-39957","url":"https://www.cve.org/CVERecord?id=CVE-2023-39957"},{"name":"CVE-2023-39955","url":"https://www.cve.org/CVERecord?id=CVE-2023-39955"},{"name":"CVE-2023-39959","url":"https://www.cve.org/CVERecord?id=CVE-2023-39959"},{"name":"CVE-2023-39953","url":"https://www.cve.org/CVERecord?id=CVE-2023-39953"},{"name":"CVE-2023-39952","url":"https://www.cve.org/CVERecord?id=CVE-2023-39952"}],"links":[],"reference":"CERTFR-2023-AVI-0649","revisions":[{"description":"Version initiale","revision_date":"2023-08-10T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nNextcloud. Certaines d'entre elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Nextcloud","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-6g88-37x7-4vw6 du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6g88-37x7-4vw6"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-g97r-8ffm-hfpj du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-g97r-8ffm-hfpj"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-vv27-g2hq-v48h du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vv27-g2hq-v48h"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-j4qm-5q5x-54m5 du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-j4qm-5q5x-54m5"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-xx3h-v363-q36j du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-xx3h-v363-q36j"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-xwxx-2752-w3xm du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-xwxx-2752-w3xm"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-3f92-5c8p-f6gq du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-3f92-5c8p-f6gq"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-36f7-93f3-mcfj du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-36f7-93f3-mcfj"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-cq8w-v4fh-4rjq du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-cq8w-v4fh-4rjq"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-qhgm-w4gx-gvgp du 10 ao\u00fbt 2023","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qhgm-w4gx-gvgp"}]}