Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2019-5454
HistoryJul 30, 2019 - 9:15 p.m.

CVE-2019-5454

2019-07-3021:15:11
CWE-89
[email protected]
web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.5%

JSON

SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account.

Affected configurations

NVD
Node
nextcloudnextcloudMatch1.0.0android
OR
nextcloudnextcloudMatch1.0.1android
OR
nextcloudnextcloudMatch1.1.0-android
OR
nextcloudnextcloudMatch1.1.0rc1android
OR
nextcloudnextcloudMatch1.1.0rc2android
OR
nextcloudnextcloudMatch1.2.0-android
OR
nextcloudnextcloudMatch1.2.0rc1android
OR
nextcloudnextcloudMatch1.2.0rc2android
OR
nextcloudnextcloudMatch1.3.0-android
OR
nextcloudnextcloudMatch1.3.0rc1android
OR
nextcloudnextcloudMatch1.3.0rc2android
OR
nextcloudnextcloudMatch1.3.1android
OR
nextcloudnextcloudMatch1.4.0-android
OR
nextcloudnextcloudMatch1.4.0rc1android
OR
nextcloudnextcloudMatch1.4.0rc2android
OR
nextcloudnextcloudMatch1.4.0rc3android
OR
nextcloudnextcloudMatch1.4.0rc4android
OR
nextcloudnextcloudMatch1.4.1-android
OR
nextcloudnextcloudMatch1.4.1rc1android
OR
nextcloudnextcloudMatch1.4.1rc2android
OR
nextcloudnextcloudMatch1.4.1rc3android
OR
nextcloudnextcloudMatch1.4.1rc4android
OR
nextcloudnextcloudMatch1.4.2-android
OR
nextcloudnextcloudMatch1.4.2rc1android
OR
nextcloudnextcloudMatch1.4.2rc2android
OR
nextcloudnextcloudMatch1.4.2rc3android
OR
nextcloudnextcloudMatch1.4.2rc4android
OR
nextcloudnextcloudMatch1.4.3android
OR
nextcloudnextcloudMatch2.0.0-android
OR
nextcloudnextcloudMatch2.0.0rc1android
OR
nextcloudnextcloudMatch2.0.0rc2android
OR
nextcloudnextcloudMatch2.0.0rc3android
OR
nextcloudnextcloudMatch2.0.0rc4android
OR
nextcloudnextcloudMatch2.0.0rc5android
OR
nextcloudnextcloudMatch2.0.0rc6android
OR
nextcloudnextcloudMatch2.0.0rc7android
OR
nextcloudnextcloudMatch2.0.0rc8android
OR
nextcloudnextcloudMatch2.0.0rc9android
OR
nextcloudnextcloudMatch2.0.1android
OR
nextcloudnextcloudMatch3.0.0rc1android
OR
nextcloudnextcloudMatch3.0.0rc2android
OR
nextcloudnextcloudMatch3.0.0rc3android

Related

osv 1
cvelist 1
nextcloud 1
prion 1
hackerone 1
githubexploit 1
cve 1
osv
osv
CVE-2019-5454
2019-07-30 21:15:11
cvelist
cvelist
CVE-2019-5454
2019-07-30 20:28:53
nextcloud
nextcloud
SQL injection in Android app content provider (NC-SA-2019-005)
2019-07-26 00:00:00
prion
prion
Sql injection
2019-07-30 21:15:00
hackerone
hackerone
Nextcloud: SQL Injection found in NextCloud Android App Content Provider
2017-11-20 03:55:23
githubexploit
githubexploit
Exploit for SQL Injection in Nextcloud
2020-12-07 14:53:25
cve
cve
CVE-2019-5454
2019-07-30 21:15:11

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.5%

JSON
Related for NVD:CVE-2019-5454
osv1cvelist1nextcloud1prion1hackerone1githubexploit1cve1