Lucene search

CVE-2024-37884

🗓️ 14 Jun 2024 16:13:15Reported by [email protected]Type

Nextcloud Server delete vulnerability fix availabl

Reporter	Title	Published	Views	Family All 8
OpenVAS	Nextcloud Server < 25.0.13.7, 26.x < 26.0.13, 27.x < 27.1.8, 28.x < 28.0.4 Improper Access Control Vulnerability (GHSA-xwgx-f37p-xh8c)	19 Jun 202400:00	–	openvas
Cvelist	CVE-2024-37884 Nextcloud Server's users can delete old versions of read-only shared files	14 Jun 202415:36	–	cvelist
OSV	CVE-2024-37884	14 Jun 202416:15	–	osv
CVE	CVE-2024-37884	14 Jun 202416:15	–	cve
Nextcloud	Users can delete old versions of read-only shared files	14 Jun 202414:34	–	nextcloud
Vulnrichment	CVE-2024-37884 Nextcloud Server's users can delete old versions of read-only shared files	14 Jun 202415:36	–	vulnrichment
Hacker One	Nextcloud: Re-emergence of Security Vulnerability in Nextcloud Version 28 Previously Fixed in 25.0.4	18 Dec 202316:31	–	hackerone
Redos	ROS-20240627-06	27 Jun 202400:00	–	redos

Nvd

Node

nextcloud nextcloud_serverRange25.0.0–25.0.13.7enterprise

nextcloud nextcloud_serverRange26.0.0–26.0.13-

nextcloud nextcloud_serverRange26.0.0–26.0.13enterprise

nextcloud nextcloud_serverRange27.0.0–27.1.8-

nextcloud nextcloud_serverRange27.0.0–27.1.8enterprise

nextcloud nextcloud_serverRange28.0.0–28.0.4-

nextcloud nextcloud_serverRange28.0.0–28.0.4enterprise

Source	Link
github	www.github.com/nextcloud/security-advisories/security/advisories/GHSA-xwgx-f37p-xh8c
github	www.github.com/nextcloud/server/pull/43727
hackerone	www.hackerone.com/reports/2290680

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Jun 2024 16:15Current

CVSS35.4

EPSS0.00091

CWE-284