Environment:
Nextcloud 28.0.5 from Docker Hub official image nextcloud:28.0.5-apache
Operating System: Red Hat Enterprise Linux release 9.3
Palo Alto firewall PA-5200 running version 10.2.9-H1
Our firewall is blocking incoming connections from Nextcloud mobile app (from Play Store or App Store) stating a threat related to CVE-2003-0245.
We can safely access our files using any web browser or Windows clients.
Have you guys seen somehing like that? I’m pretty lost since this CVE is about an old version of Apache and Nextcloud uses a much newer one.
Yes, that doesn’t look legitimate indeed. Our reverse proxy is running a Red Hat Apache 2.4. Also, Palo Alto technical support said the fw blocked the connection because of an attempt to run a xml code and the code is a call to open-cloud-mesh.org.
It’s very likelly to be a false alert. Thank you for your attention, jtr.