Lucene search

CVE-2023-25821

🗓️ 25 Feb 2023 00:11:15Reported by [email protected]Type

Nextcloud 24.0.4 and 25.0.0 Improper Access Contro

Reporter	Title	Published	Views	Family All 9
Cvelist	CVE-2023-25821 Nextcloud download permissions can be changed by resharer	24 Feb 202323:39	–	cvelist
Nextcloud	Download permissions can be changed by resharer	24 Feb 202307:17	–	nextcloud
CVE	CVE-2023-25821	25 Feb 202300:15	–	cve
Hacker One	Nextcloud: Download permissions can be changed by resharer	6 Oct 202206:49	–	hackerone
Vulnrichment	CVE-2023-25821 Nextcloud download permissions can be changed by resharer	24 Feb 202323:39	–	vulnrichment
OSV	CVE-2023-25821	25 Feb 202300:15	–	osv
Prion	Improper access control	25 Feb 202300:15	–	prion
OpenVAS	Nextcloud Server 24.0.4 < 24.0.7, 25.x < 25.0.1 Improper Access Control Vulnerability (GHSA-7w6h-5qgw-4j94)	14 Apr 202300:00	–	openvas
Redos	ROS-20230413-01	13 Apr 202300:00	–	redos

Nvd

Node

nextcloud nextcloud_serverRange24.0.4–24.0.7

nextcloud nextcloud_serverRange24.0.4–24.0.7enterprise

nextcloud nextcloud_serverMatch25.0.0

nextcloud nextcloud_serverMatch25.0.0enterprise

Source	Link
github	www.github.com/nextcloud/server/pull/34502
github	www.github.com/nextcloud/security-advisories/security/advisories/GHSA-7w6h-5qgw-4j94
hackerone	www.hackerone.com/reports/1724016

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Feb 2023 00:15Current

6.2Medium risk

Vulners AI Score6.2

CVSS37.5

EPSS0.0014

CWE-284