4 matches found
Nextcloud Server Authorization Bypass Vulnerability (May 2018) - Windows
Nextcloud Server is prone to authorization bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Nextcloud Server Authorization Bypass Vulnerability (May 2018) - Linux
Nextcloud Server is prone to authorization bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
openSUSE Security Update : nextcloud (openSUSE-2018-384)
This update for nextcloud fixes the following issues : Security issue fixed : - CVE-2017-0936: Nextcloud Server before 11.0.7 suffers from an Authorization Bypass Through User-Controlled Key vulnerability boo1087402. Bug fixes : - See online release notes for all relevant changes...
CVE-2017-0936
CVE-2017-0936 affects Nextcloud Server prior to 11.0.7 and 12.0.5, where an Authorization Bypass Through User-Controlled Key vulnerability exists due to a missing ownership check. This allows logged-in users to change the scope of app passwords for other users. The app passwords themselves are no...