CVE-2017-0936

Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither disclosed nor could the error be misused to identify as another user.

Published: Mar 28, 2018
Updated: Apr 13, 2023
CVE: CVE-2017-0936
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.7
AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4.9
AV:N/AC:M/Au:S/C:N/I:P/A:P

CWEs:

CWE-639

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
nextcloud / nextcloud_server	-	11.0.7
nextcloud / nextcloud_server	12.0.5	12.0.5.x

https://hackerone.com/reports/297751
https://nextcloud.com/security/advisory/?id=nc-sa-2018-001

Vulnerability Database

289,697

CVE-2017-0936