Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-37631
HistorySep 07, 2021 - 8:15 p.m.

CVE-2021-37631

2021-09-0720:15:07
Google
osv.dev
7
nextcloud
deck
unauthorized access.

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

49.5%

JSON

Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn’t properly check membership of users in a Circle. This allowed other users in the instance to gain access to boards that have been shared with a Circle, even if the user was not a member of the circle. It is recommended that Nextcloud Deck is upgraded to 1.5.1, 1.4.4 or 1.2.9. If you are unable to update it is advised to disable the Deck plugin.

Related

cvelist 1
prion 1
nextcloud 1
nvd 1
cve 1
cnvd 1
cvelist
cvelist
CVE-2021-37631 Circle can be accessed by non-Circle members in Nextcloud Deck
2021-09-07 19:50:11
prion
prion
Design/Logic Flaw
2021-09-07 20:15:00
nextcloud
nextcloud
Deck shared with a Circle can be accessed by non-Circle members
2021-09-06 08:40:09
nvd
nvd
CVE-2021-37631
2021-09-07 20:15:07
cve
cve
CVE-2021-37631
2021-09-07 20:15:07
cnvd
cnvd
Deck has unspecified vulnerabilities
2021-09-09 00:00:00

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

49.5%

JSON
Related for OSV:CVE-2021-37631
cvelist1prion1nextcloud1nvd1cve1cnvd1