Описание
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 23.0.9 and 24.0.5 are vulnerable to exposure of information that cannot be controlled by administrators without direct database access. Versions 23.0.9 and 24.0.5 contains patches for this issue. No known workarounds are available.
Ссылки
- Third Party Advisory
- PatchThird Party Advisory
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 23.0.9 (исключая)Версия от 24.0.0 (включая) до 24.0.5 (исключая)Версия до 23.0.9 (исключая)Версия от 24.0.0 (включая) до 24.0.5 (исключая)
Одно из
cpe:2.3:a:nextcloud:nextcloud_enterprise_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_enterprise_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.0013
Низкий
3.5 Low
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-284
CWE-862
Связанные уязвимости
CVSS3: 3.5
debian
больше 2 лет назад
Nextcloud Server is the file server software for Nextcloud, a self-hos ...
EPSS
Процентиль: 34%
0.0013
Низкий
3.5 Low
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-284
CWE-862