Lucene search
Redhat.comRH:CVE-2020-8154HistoryMay 20, 2022 - 10:53 p.m.
CVE-2020-8154
2022-05-2022:53:13
redhat.com
access.redhat.com
25
nextcloud server
vulnerability
remote wipe
endpoint
EPSS
0.007
Percentile
80.7%
An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint.
Related
suse
suse
Security update for nextcloud (moderate)
2020-05-23 00:00:00
Security update for nextcloud (moderate)
2020-05-17 00:00:00
Security update for nextcloud (moderate)
2020-05-17 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: nextcloud-18.0.9-1.fc32
2020-10-19 16:58:39
nessus
nessus
openSUSE Security Update : nextcloud (openSUSE-2020-670)
2020-05-26 00:00:00
Fedora 32 : nextcloud (2020-c9863904de)
2020-10-20 00:00:00
openSUSE Security Update : nextcloud (openSUSE-2020-1652)
2020-10-12 00:00:00
openvas
openvas
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2020:0670-1)
2020-05-23 00:00:00
Fedora: Security Advisory for nextcloud (FEDORA-2020-c9863904de)
2020-10-21 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2020:1652-1)
2020-10-11 00:00:00
nextcloud
nextcloud
Renaming an item to a protected hidden folder deletes the target (NC-SA-2020-017)
2019-07-15 00:00:00
Mail app not verifying TLS host of mail servers (NC-SA-2020-020)
2020-03-24 00:00:00
Missing ownership check on remote wipe endpoint (NC-SA-2020-018)
2020-03-18 00:00:00
cvelist
cvelist
hackerone
hackerone
Nextcloud: Missing ownership check on remote wipe endpoint
2020-03-15 21:55:05
Nextcloud: Mail does not verify IMAP/SMTP host connected via TLS
2020-02-24 14:56:20
cve
cve
osv
osv
nvd
nvd
prion
prion
Design/Logic Flaw
2020-05-12 13:15:00
Improper access control
2020-05-12 13:15:00
Design/Logic Flaw
2020-05-12 13:15:00