PT-2020-20035 · Nextcloud · Nextcloud Server
Alx_Il
+1
·
Published
2020-10-05
·
Updated
2022-01-01
·
CVE-2020-8223
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Nextcloud Server version 19.0.0
Description
A logic error in the software caused a privilege escalation, allowing malicious users to reshare with higher permissions than they were assigned.
Recommendations
For Nextcloud Server version 19.0.0, update to a version that fixes this issue to prevent malicious users from escalating their privileges.
Exploit
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nextcloud Server