Lucene search
China National Vulnerability DatabaseCNVD-2021-102877HistoryOct 28, 2021 - 12:00 a.m.
Nextcloud Deck Access Control Error Vulnerability (CNVD-2021-102877)
2021-10-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
nextcloud
deck
access control error
vulnerability
germany-based
permission checking
EPSS
0.001
Percentile
43.0%
Nextcloud is an open source set of self-hosted file synchronization and sharing communication applications platform from Germany-based Nextcloud. Nextcloud Deck is vulnerable to an access control error in versions prior to 1.2.9, 1.4.5 and 1.5.3. The vulnerability stems from a lack of permission checking in Nextcloud Deck, where other authenticated user accesses another user’s card. No details of the vulnerability are currently available.
Related
cvelist
cvelist
CVE-2021-39225 Missing permission check on Deck API
2021-10-25 21:40:11
cve
cve
CVE-2021-39225
2021-10-25 22:15:07
nextcloud
nextcloud
Missing permission check on Deck API
2021-10-25 11:13:01
prion
prion
Design/Logic Flaw
2021-10-25 22:15:00
hackerone
hackerone
Nextcloud: Cards in Deck are readable by any user
2021-09-07 11:21:19
nvd
nvd
CVE-2021-39225
2021-10-25 22:15:07
osv
osv
CVE-2021-39225
2021-10-25 22:15:07