CVE-2023-28647
App pin of the iOS app can be bypassed in Nextcloud iOS
EPSS 0.28%
描述
Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain access to a users files. It is recommended that the Nextcloud iOS app is upgraded to 4.7.0. There are no known workarounds for this vulnerability.
如何修補 CVE-2023-28647
OSV 沒有提供套件對應 — 請參考下方連結尋找廠商提供的建議。
CVE-2023-28647 正在被利用嗎?
低 — EPSS 為 0.3%,目前沒有觀察到大規模利用活動。
受影響套件(0)
OSV 沒有提供套件對應。