CVE-2016-9462

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-only access was able to restore old versions.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*

Information

Published : 2017-03-27 19:59

Updated : 2019-10-09 16:20


NVD link : CVE-2016-9462

Mitre link : CVE-2016-9462


JSON object : View

CWE
CWE-284

Improper Access Control

Advertisement

dedicated server usa

Products Affected

owncloud

  • owncloud

nextcloud

  • nextcloud_server