CVE-2023-22470

medium

Description

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is recommended that the Nextcloud Server is upgraded to 1.6.5 or 1.7.3 or 1.8.2.

References

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-93j5-wx4c-6g88

https://github.com/nextcloud/deck/pull/4059

Details

Source: Mitre, NVD

Published: 2023-01-14

Updated: 2023-01-24

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H