CVE-2016-9462 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.3 MEDIUM	NETWORK	LOW	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 63%

Affected Products (NVD)

Vendor	Product	Version
nextcloud	nextcloud_server	𝑥 < 9.0.52
owncloud	owncloud	𝑥 < 9.0.4

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

nextcloud

artful	dne
bionic	dne
cosmic	dne
precise	dne
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

owncloud

artful	dne
bionic	dne
cosmic	dne
precise	ignored
trusty	dne
xenial	dne
yakkety	dne
zesty	dne

Known Exploits!

Common Weakness Enumeration

References

http://www.securityfocus.com/bid/97285

https://github.com/nextcloud/server/commit/1208953ba1d4d55a18a639846bbcdd66a2d5bc5e

https://github.com/owncloud/core/commit/23383080731d092e079986464a8c4c9ffcb79f4c

https://github.com/owncloud/core/commit/3b056fa68ce502ceb0db9b446dab3b9e7b10dd13

https://github.com/owncloud/core/commit/c93eca49c32428ece03dd67042772d5fa62c8d6e

https://github.com/owncloud/core/commit/d31720b6f1e8c8dfeb5e8805ab35ad7c8000b2f1

https://hackerone.com/reports/146067

https://nextcloud.com/security/advisory/?id=nc-sa-2016-005

https://owncloud.org/security/advisory/?id=oc-sa-2016-015

http://www.securityfocus.com/bid/97285

https://github.com/nextcloud/server/commit/1208953ba1d4d55a18a639846bbcdd66a2d5bc5e

https://github.com/owncloud/core/commit/23383080731d092e079986464a8c4c9ffcb79f4c

https://github.com/owncloud/core/commit/3b056fa68ce502ceb0db9b446dab3b9e7b10dd13

https://github.com/owncloud/core/commit/c93eca49c32428ece03dd67042772d5fa62c8d6e

https://github.com/owncloud/core/commit/d31720b6f1e8c8dfeb5e8805ab35ad7c8000b2f1

https://hackerone.com/reports/146067

https://nextcloud.com/security/advisory/?id=nc-sa-2016-005

https://owncloud.org/security/advisory/?id=oc-sa-2016-015