admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/39xxx/CVE-2022-39329.json
CVE Team 3a0cc864d0
"-Synchronized-Data."
2022-10-27 14:00:30 +00:00

104 lines
3.6 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-39329",
"STATE": "PUBLIC",
"TITLE": "Profile of disabled user stays accessible"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "security-advisories",
"version": {
"version_data": [
{
"version_value": "< 23.0.9"
},
{
"version_value": ">= 24.0.0, < 24.0.5"
}
]
}
}
]
},
"vendor_name": "nextcloud"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 23.0.9 and 24.0.5 are vulnerable to exposure of information that cannot be controlled by administrators without direct database access. Versions 23.0.9 and 24.0.5 contains patches for this issue. No known workarounds are available."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8f3p-rcm5-mrg3",
"refsource": "CONFIRM",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8f3p-rcm5-mrg3"
},
{
"name": "https://github.com/nextcloud/server/pull/33643",
"refsource": "MISC",
"url": "https://github.com/nextcloud/server/pull/33643"
},
{
"name": "https://hackerone.com/reports/1675014",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1675014"
}
]
},
"source": {
"advisory": "GHSA-8f3p-rcm5-mrg3",
"discovery": "UNKNOWN"
}
}
Reference in New Issue View Git Blame Copy Permalink