CVE-2018-16464

Sažetak

A missing access check in Nextcloud Server prior to 14.0.0 could lead to continued access to password protected link shares when the owner had changed the password.

Reference

https://hackerone.com/reports/146133
https://nextcloud.com/security/advisory/?id=NC-SA-2018-012

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

09-10-2019 - 23:36

Objavljeno

30-10-2018 - 21:29