Unrated severityNVD Advisory· Published Oct 27, 2022· Updated Apr 22, 2025
Exception logging in Sharepoint app reveals clear-text connection details
CVE-2022-39364
Description
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server prior to versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server prior to versions 22.2.10.5, 23.0.9, and 24.0.5 an attacker reading nextcloud.log may gain knowledge of credentials to connect to a SharePoint service. Nextcloud Server versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server versions 22.2.10.5, 23.0.9, and 24.0.5 contain a patch for this issue. As a workaround, set zend.exception_ignore_args = On as an option in php.ini.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <24.0.5
- nextcloud/security-advisoriesv5Range: < 22.2.10.5
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.