PT-2019-13011 · Pydio · Pydio Cells
Publicado
2019-06-19
·
Atualizado
2021-07-21
·
CVE-2019-12902
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Pydio Cells versions prior to 1.5.0
Description
The issue arises from incomplete cleanup of a user's data when their account is deleted. This allows a new user, who is assigned the same User ID as a previously deleted user, to restore the deleted user's data.
Recommendations
For versions prior to 1.5.0, update to version 1.5.0 or later to ensure complete cleanup of user data upon deletion.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Pydio Cells