Описание
Nextcloud Server is a Nextcloud package that handles data storage. In versions priot to 19.0.13, 20.0.11, and 21.0.3, Nextcloud Server audit logging functionality wasn't properly logging events for the unsetting of a share expiration date. This event is supposed to be logged. This issue is patched in versions 19.0.13, 20.0.11, and 21.0.3.
Ссылки
- Third Party Advisory
- PatchThird Party Advisory
- Permissions Required
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Permissions Required
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 19.0.13 (исключая)Версия от 20.0.0 (включая) до 20.0.11 (исключая)Версия от 21.0.0 (включая) до 21.0.3 (исключая)
Одно из
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00148
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-778
NVD-CWE-Other
Связанные уязвимости
CVSS3: 3.3
debian
почти 4 года назад
Nextcloud Server is a Nextcloud package that handles data storage. In ...
EPSS
Процентиль: 36%
0.00148
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-778
NVD-CWE-Other