← voltar
CVE-2021-22896

CVE-2021-22896

EPSS 1.0%CWE-862
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 jun 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
Produtos afetados
n/a · Nextcloud Mail

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/nextcloud/mail/pull/4864https://github.com/nextcloud/mail/releases/tag/v1.9.5https://github.com/nextcloud/security-advisories/security/advisories/GHSA-jmgp-77jq-fjp3https://hackerone.com/reports/1129996