Lucene search
LeonklingeleH1:508493HistoryMar 12, 2019 - 3:48 p.m.
Nextcloud: Group admins can remove arbitrary data from "data" directory (including admin data)
2019-03-1215:48:46
leonklingele
hackerone.com
13
0.001 Low
EPSS
Percentile
46.8%
Steps to reproduce:
- Create a new user and make him an admin of an arbitrary group
- Log in as this new user
- Create a new user “files_external”, “appdata_{random-data}”, …
- Delete this user
Result: The data/files_external / data/appdata{…} folder is removed.
Solution: Prevent creation of users if data/{new-user-uid} is either
a file or a folder. In addition, prevent deletion of users where the
user data directory (data/{user}) contains other files and folders
than “files” (where the user data is stored).
Impact
Group admin can remove arbitrary data from “data” directory
Related
prion
prion
Input validation
2020-02-04 20:15:00
cvelist
cvelist
CVE-2019-15624
2020-02-04 19:08:57
osv
osv
CVE-2019-15624
2020-02-04 20:15:12
openvas
openvas
Nextcloud Server < 14.0.11, < 15.0.8 Input Validation Vulnerability (NC-SA-2019-015)
2020-02-05 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2020:0220-1)
2020-02-16 00:00:00
nvd
nvd
CVE-2019-15624
2020-02-04 20:15:12
nextcloud
nextcloud
Group admins can create users with IDs of system folders (NC-SA-2019-015)
2019-08-12 00:00:00
cve
cve
CVE-2019-15624
2020-02-04 20:15:12
nessus
nessus
openSUSE Security Update : nextcloud (openSUSE-2020-220)
2020-02-18 00:00:00
suse
suse
Security update for nextcloud (moderate)
2020-02-15 00:00:00
Security update for nextcloud (moderate)
2020-02-17 00:00:00
redhatcve
redhatcve
CVE-2019-15618
2022-05-21 00:15:43