cbcvebase.
CVE-2018-16464
published 2018-10-30

CVE-2018-16464: A missing access check in Nextcloud Server prior to 14.0.0 could lead to continued access to password protected link shares when the owner had changed the…

PriorityP428medium5.7CVSS 3.0
AVNACLPRLUIRSUCHINAN
EPSS
0.89%
54.9th percentile
A missing access check in Nextcloud Server prior to 14.0.0 could lead to continued access to password protected link shares when the owner had changed the password.

Affected

2 ranges
VendorProductVersion rangeFixed in
nextcloudnextcloud_server< 14.0.014.0.0
nextcloudnextcloud_server

CVSS provenance

nvdv3.05.7MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.