 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2023-25821 |
| Description: | Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, prior to 24.0.7, and 25.0.0 and above, prior to 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in versions 24.0.7 and 25.0.1. No workaround is available. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.127394 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2023-25821 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w6h-5qgw-4j94 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w6h-5qgw-4j94 https://github.com/nextcloud/server/pull/34502 https://github.com/nextcloud/server/pull/34502 https://hackerone.com/reports/1724016 https://hackerone.com/reports/1724016 |