CVE-2025-47790

MEDIUM EPSS 24.2%
Published May 16, 20251y ago · Modified Jun 17, 20262w ago
6.4 CVSS 3.1
Medium
Find Similar
Published May 16, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Nextcloud Server is a self hosted personal cloud system. Nextcloud Server prior to 29.0.15, 30.0.9, and 31.0.3 and Nextcloud Enterprise Server prior to 26.0.13.15, 27.1.11.15, 28.0.14.6, 29.0.15, 30.0.9, and 31.0.3 have a bug with session handling. The bug caused skipping the second factor confirmation after a successful login with the username and password when the server was configured with `remember_login_cookie_lifetime` set to `0`, once the session expired on the page to select the second factor and the page is reloaded. Nextcloud Server 29.0.15, 30.0.9, and 31.0.3 and Nextcloud Enterprise Server is upgraded to 26.0.13.15, 27.1.11.15, 28.0.14.6, 29.0.15, 30.0.9 and 31.0.3 contain a patch. As a workaround, set the `remember_login_cookie_lifetime` in config.php to a value other than `0`, e.g. `900`. Beware that this is only a workaround for new sessions created after the configuration change. System administration can delete affected sessions.

CVSS Details

Base Score
6.4
Exploitability
1.2
Impact
5.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Attack Vector Network
Attack Complexity High
Privileges Required Low
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability None

Threat Intelligence

EPSS Exploit Probability
24.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-287 Improper Authentication Authentication

Affected Products 9

VendorProductVersionRange
nextcloudnextcloud_server*≥26.0.0  –  <26.0.13.15
nextcloudnextcloud_server*≥27.0.0  –  <27.1.11.15
nextcloudnextcloud_server*≥28.0.0  –  <28.0.14.6
nextcloudnextcloud_server*≥29.0.0  –  <29.0.15
nextcloudnextcloud_server*≥29.0.0  –  <29.0.15
nextcloudnextcloud_server*≥30.0.0  –  <30.0.9
nextcloudnextcloud_server*≥30.0.0  –  <30.0.9
nextcloudnextcloud_server*≥31.0.0  –  <31.0.3
nextcloudnextcloud_server*≥31.0.0  –  <31.0.3

References 3

  • github.com https://github.com/nextcloud/security-advisories/security/advisories/GHSA-9h3w-f3h4-qqrh
    Vendor Advisory
  • github.com https://github.com/nextcloud/server/pull/51905
    Issue Tracking
  • hackerone.com https://hackerone.com/reports/2729367
    Permissions Required

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.