CVE-2025-66510

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 31.0.10 and 32.0.1 and Nextcloud Enterprise Server prior to 28.0.14.11, 29.0.16.8, 30.0.17.3, and 31.0.10, contacts search allowed to retrieve personal data of other users (emails, names, identifiers) without proper access control. This allows an authenticated user to retrieve information about accounts that are not related or added as contacts.

CVSS v3 4.5 MEDIUM

4.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-495w-cqv6-wr59	Patch Vendor Advisory
https://github.com/nextcloud/server/commit/e4866860cbf24a746eb8a125587262a4c8831c57	Patch
https://github.com/nextcloud/server/pull/55657	Issue Tracking

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::-:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::-:::*

History

No history.

Information

Published : 2025-12-05 17:16

Updated : 2025-12-10 16:12

NVD link : CVE-2025-66510

Mitre link : CVE-2025-66510

CVE.ORG link : CVE-2025-66510

JSON object : View

Products Affected

nextcloud

nextcloud_server

CWE

CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

{"id": "CVE-2025-66510", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2025-12-05T17:16:04.613", "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-495w-cqv6-wr59", "tags": ["Patch", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/nextcloud/server/commit/e4866860cbf24a746eb8a125587262a4c8831c57", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/nextcloud/server/pull/55657", "tags": ["Issue Tracking"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-359"}]}], "descriptions": [{"lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 31.0.10 and 32.0.1 and Nextcloud Enterprise Server prior to 28.0.14.11, 29.0.16.8, 30.0.17.3, and 31.0.10, contacts search allowed to retrieve personal data of other users (emails, names, identifiers) without proper access control. This allows an authenticated user to retrieve information about accounts that are not related or added as contacts."}], "lastModified": "2025-12-10T16:12:34.217", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "B55EF258-E98A-43A9-B73C-AE62D448421D", "versionEndExcluding": "28.0.14.11", "versionStartIncluding": "28.0.0"}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "7710228F-2984-4F9A-8360-0054E7E78687", "versionEndExcluding": "29.0.16.8", "versionStartIncluding": "29.0.0"}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "9D119C97-0478-4CE4-8DAF-A72F69DC8C50", "versionEndExcluding": "30.0.17.3", "versionStartIncluding": "30.0.0"}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "2059C891-F256-482A-99BF-D912A1657419", "versionEndExcluding": "31.0.10", "versionStartIncluding": "31.0.0"}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "64C21E45-22B8-49B2-B630-30448D89A4E9", "versionEndExcluding": "31.0.10", "versionStartIncluding": "31.0.0"}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "A75D466C-B154-480A-9D4F-8E9454147156", "versionEndExcluding": "32.0.1", "versionStartIncluding": "32.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}