CVE-2023-39959

Summary

CVE-2023-39959 is a vulnerability affecting Nextcloud Server, an open-source cloud storage platform. In versions 25.0.0 through 27.0.1, unauthenticated users could exploit a DAV (WebDAV) request to determine the existence of calendars or address books for targeted victims. This issue was present in Nextcloud Server versions 25.0.9, 26.0.4, and 27.0.1, as well as Nextcloud Enterprise Server versions 25.0.9, 26.0.4, and 27.0.1. Patches to address this vulnerability have been released for these affected versions, and no known workarounds are currently available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.