CVE-2017-0936 — Authorization Bypass Through User-Controlled Key in Server

CWE-639 — Authorization Bypass Through User-Controlled Key6 documents4 sources

Severity

5.7MEDIUMNVD

EPSS

0.1%

top 65.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nextcloud Server

Timeline

PublishedMar 28

Latest updateMay 13

Description

Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither disclosed nor could the error be misused to identify as another user.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:NExploitability: 2.1 | Impact: 3.6

Affected Packages2 packages

▶NVDnextcloud/nextcloud_server< 11.0.7+1

▶CVEListV5nextcloud/nextcloud_serverbefore 11.0.7 and 12.0.5

🔴Vulnerability Details

GHSA

GHSA-84fw-wvq7-7x27: Nextcloud Server before 11↗2022-05-13

▶

CVEList

CVE-2017-0936: Nextcloud Server before 11↗2018-03-28

▶

💬Community

Bugzilla

CVE-2017-0936 nextcloud: App password scope can be changed for other users [epel-all]↗2018-03-29

▶

Bugzilla

CVE-2017-0936 nextcloud: App password scope can be changed for other users [fedora-all]↗2018-03-29

▶

Bugzilla

CVE-2017-0936 nextcloud: App password scope can be changed for other users↗2018-03-29

▶