Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-28844
HistoryMar 31, 2023 - 11:15 p.m.

Input validation

2023-03-3123:15:00
PRIOn knowledge base
www.prio-n.com
4
nextcloud
server
vulnerability
versions
unauthorized download
distribution
upgrade

0.001 Low

EPSS

Percentile

27.8%

JSON

Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Related

cvelist 1
nextcloud 1
nvd 1
osv 1
openvas 1
cve 1
cvelist
cvelist
CVE-2023-28844 User without download rights can download older version of that file in nextcloud server
2023-03-31 22:10:29
nextcloud
nextcloud
User without download rights can download older version of that file
2023-03-31 07:44:53
nvd
nvd
CVE-2023-28844
2023-03-31 23:15:07
osv
osv
CVE-2023-28844
2023-03-31 23:15:07
openvas
openvas
Nextcloud Server 24.0.4 < 24.0.10, 25.x < 25.0.4 Improper Access Control Vulnerability (GHSA-w47p-f66h-h2vj)
2023-03-31 00:00:00
cve
cve
CVE-2023-28844
2023-03-31 23:15:07

0.001 Low

EPSS

Percentile

27.8%

JSON
Related for PRION:CVE-2023-28844
cvelist1nextcloud1nvd1osv1openvas1cve1