Description

Nextcloud files access control is a nextcloud app to manage access control for files. Users with limited access can see file names in certain cases where they do not have privilege to do so. This issue has been addressed and it is recommended that the Nextcloud Files Access Control app is upgraded to 1.12.2, 1.13.1 or 1.14.1. There are no known workarounds for this issue

Related CPE's

a

nextcloud

files_access_control

3

References

https://github.com/nextcloud/files_accesscontrol/pull/248

PatchThird Party Advisory

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4m73-g7v7-v62w

Third Party Advisory

https://github.com/nextcloud/files_accesscontrol/pull/248

PatchThird Party Advisory

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4m73-g7v7-v62w

Third Party Advisory

Weaknesses

[email protected]

Secondary
CWE-200

[email protected]

Primary
CWE-269

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N

2.6 · Low

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-09-15T20:15:11.387Z

3 years ago

Last modified

2024-11-21T06:12:19.593Z

1 year ago