CVE-2017-0885
N/A
N/A
Summary
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of file in write-only share. Due to an error in the application logic an adversary with access to a write-only share may enumerate the names of existing files and subfolders by comparing the exception messages.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Nextcloud | Nextcloud Server | All versions before 9.0.55 and 10.0.2 | affected |
Weaknesses
- CWE-209: Information Exposure Through an Error Message (CWE-209)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.