Lucene search
Tommy SurielNC-SA-2020-018HistoryMar 18, 2020 - 12:00 a.m.
Missing ownership check on remote wipe endpoint (NC-SA-2020-018)
2020-03-1800:00:00
Tommy Suriel
nextcloud.com
20
EPSS
0.007
Percentile
80.7%
An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint.
Related
hackerone
hackerone
Nextcloud: Missing ownership check on remote wipe endpoint
2020-03-15 21:55:05
cvelist
cvelist
CVE-2020-8154
2020-05-12 13:01:26
openvas
openvas
Nextcloud Server 17.x < 17.0.5, 18.x < 18.0.3 Insecure Direct Object Reference Vulnerability (NC-SA-2020-018)
2020-05-13 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2020:0670-1)
2020-05-23 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2020:1652-1)
2020-10-11 00:00:00
prion
prion
Design/Logic Flaw
2020-05-12 13:15:00
cve
cve
CVE-2020-8154
2020-05-12 13:15:13
nvd
nvd
CVE-2020-8154
2020-05-12 13:15:13
osv
osv
CVE-2020-8154
2020-05-12 13:15:13
nessus
nessus
openSUSE Security Update : nextcloud (openSUSE-2020-670)
2020-05-26 00:00:00
openSUSE Security Update : nextcloud (openSUSE-2020-1652)
2020-10-12 00:00:00
Fedora 32 : nextcloud (2020-c9863904de)
2020-10-20 00:00:00
suse
suse
Security update for nextcloud (moderate)
2020-05-17 00:00:00
Security update for nextcloud (moderate)
2020-05-23 00:00:00
Security update for nextcloud (moderate)
2020-05-17 00:00:00
redhatcve
redhatcve
CVE-2020-8154
2022-05-20 22:53:13
fedora
fedora
[SECURITY] Fedora 32 Update: nextcloud-18.0.9-1.fc32
2020-10-19 16:58:39