SecuritySpace - CVE-2017-0884

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-0884

Description: Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated adversary is able to create empty folders inside a shared folder. Note that this only affects folders and files that the adversary has at least read- only permissions for.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-0884
https://hackerone.com/reports/169680

CVE ID:	CVE-2017-0884
Description:	Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated adversary is able to create empty folders inside a shared folder. Note that this only affects folders and files that the adversary has at least read- only permissions for.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0884 https://hackerone.com/reports/169680