admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-82xx/CVE-2020-8293.json
cad-safe-bot 6430620428 Auto-Update: 2024-11-23T13:07:37.766281+00:00
2024-11-23 13:10:58 +00:00

152 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-8293",
"sourceIdentifier": "support@hackerone.com",
"published": "2021-01-26T18:16:08.507",
"lastModified": "2024-11-21T05:38:40.543",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows users to store unlimited data in workflow rules causing load and potential DDoS on later interactions and usage with those rules."
},
{
"lang": "es",
"value": "Una falta de comprobaci\u00f3n de la entrada en Nextcloud Server versiones anteriores a 20.0.2, 19.0.5, 18.0.11, permite a usuarios almacenar datos ilimitados en reglas de flujo de trabajo que causan una carga y una potencial DDoS en interacciones posteriores y uso con esas reglas"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.0.11",
"matchCriteriaId": "44D57333-C4F0-482B-92CB-91B8095733D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "19.0.0",
"versionEndExcluding": "19.0.5",
"matchCriteriaId": "901AE378-7B1A-4D32-86FB-01971AAF0F48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "20.0.0",
"versionEndExcluding": "20.0.2",
"matchCriteriaId": "715B9373-BCF9-4069-8C51-7714648C27E8"
}
]
}
]
}
],
"references": [
{
"url": "https://hackerone.com/reports/1018146",
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-001",
"source": "support@hackerone.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1018146",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-001",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink