Executive Summary

Informations
NameCVE-2018-16467First vendor Publication2018-10-30
VendorCveLast vendor Modification2019-01-11

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A missing check in Nextcloud Server prior to 14.0.0 could give unauthorized access to the previews of single file password protected shares.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16467

CWE : Common Weakness Enumeration

%idName
100 %CWE-287Improper Authentication

CPE : Common Platform Enumeration

TypeDescriptionCount
Application43

Sources (Detail)

SourceUrl
MISC https://hackerone.com/reports/231917
https://nextcloud.com/security/advisory/?id=NC-SA-2018-014

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2019-01-12 00:18:58
  • Multiple Updates
2018-10-31 00:21:20
  • First insertion