PT-2017-10687 · Nextcloud · Nextcloud Server
Published
2017-04-05
·
Updated
2022-10-04
·
CVE-2017-0886
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Nextcloud Server versions prior to 9.0.55
Nextcloud Server versions prior to 10.0.2
Description
The issue allows an authenticated adversary to trigger an endless recursion in the application, leading to a potential Denial of Service attack due to an error in the application logic.
Recommendations
For versions prior to 9.0.55, update to version 9.0.55 or later.
For versions prior to 10.0.2, update to version 10.0.2 or later.
Fix
DoS
Uncontrolled Recursion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nextcloud Server