Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an error in the application logic an authenticated adversary may trigger an endless recursion in the application leading to a potential Denial of Service.
References
Link | Resource |
---|---|
https://hackerone.com/reports/174524 | Third Party Advisory |
https://nextcloud.com/security/advisory/?id=nc-sa-2017-004 | Broken Link Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
04 Oct 2022, 14:20
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-674 | |
CPE | cpe:2.3:a:nextcloud:nextcloud:*:*:*:*:*:*:*:* |
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:* |
References | (CONFIRM) https://nextcloud.com/security/advisory/?id=nc-sa-2017-004 - Broken Link, Patch, Vendor Advisory |
27 Sep 2022, 14:04
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:nextcloud:nextcloud_server:10.0.2:*:*:*:*:*:*:* | |
First Time |
Nextcloud nextcloud Server
|
Information
Published : 2017-04-05 20:59
Updated : 2023-12-10 12:01
NVD link : CVE-2017-0886
Mitre link : CVE-2017-0886
CVE.ORG link : CVE-2017-0886
JSON object : View
Products Affected
nextcloud
- nextcloud_server
CWE
CWE-674
Uncontrolled Recursion