CVE-2017-0892 - AskarLabs CVE Database

CVE-2017-0892

Vendor Nextcloud

Product Nextcloud Server

Weakness CWE-285

Published May 8, 2017

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an application specific password without permission to the files access to the users file.

Key dates

02Disclosure timeline

May 8, 2017 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-0892

Related vulnerabilities

04Related CVE

CVE-2023-3805 Xiamen Four Letter Video Surveillance Management System Login UserInfoAction.class improper authorization CVE-2025-10736 ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.10 - Incorrect Authorization to Unauthenticated Information Exposure and Data Manipulation CVE-2024-42032 CVE-2024-3269 Download Monitor <= 4.9.13 - Missing Authorization CVE-2019-2386 Authorization session conflation