Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.
2018-10-30T21:29:00.793
2024-11-21T03:52:48.603
Modified
CVSSv3.0: 8.1 (HIGH)
AV:N/AC:L/Au:S/C:P/I:P/A:N
8.0
4.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | nextcloud | nextcloud_server | < 12.0.11 | Yes |
Application | nextcloud | nextcloud_server | < 13.0.6 | Yes |
Application | nextcloud | nextcloud_server | 14.0.0 | Yes |
Application | nextcloud | nextcloud_server | 14.0.0 | Yes |
Application | nextcloud | nextcloud_server | 14.0.0 | Yes |
Application | nextcloud | nextcloud_server | 14.0.0 | Yes |
Application | nextcloud | nextcloud_server | 14.0.0 | Yes |
Application | nextcloud | nextcloud_server | 14.0.0 | Yes |