PT-2018-13592 · Nextcloud+1 · Nextcloud Server+1

Carl Pearson

+1

·

Publicado

2018-10-30

·

Atualizado

2019-10-09

·

CVE-2018-16467

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Nextcloud Server versions prior to 14.0.0
Description A missing check in the software could give unauthorized access to the previews of single file password protected shares.
Recommendations For versions prior to 14.0.0, update to version 14.0.0 or later to resolve the issue.

Exploit

Correção

Improper Authentication

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287CWE-200

Identificadores relacionados

ALT-PU-2019-1414
CVE-2018-16467

Produtos afetados

Alt Linux
Nextcloud Server