Description


Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.

Related CPE's


a

nextcloud

nextcloud_server

3


Weaknesses



NVD-CWE-noinfo


CWE-359

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.3 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2020-02-04T20:15:12.667

5 years ago

Last modified

2021-10-29T16:22:59.887

3 years ago