cvedb.io
CVE-2023-23943
MEDIUM · CVSS 5
EPSS exploitation probability: 0%
Published 2023-02-06T21:15:09.810 · Last modified 2026-06-17T05:38:20.533

Summary

Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app.

Affected products

nextcloud — mail

Does this affect you?

Add your gear to cvedb and we'll alert you only when nextcloud ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.