Home > Vulnerability Database > CVE-2022-39329

Mend.io Vulnerability Database

CVE-2022-39329

Good to know:

Date: October 27, 2022

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 23.0.9 and 24.0.5 are vulnerable to exposure of information that cannot be controlled by administrators without direct database access. Versions 23.0.9 and 24.0.5 contains patches for this issue. No known workarounds are available.

Language: PHP

Severity Score

5.3

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-39329

Url: https://hackerone.com/reports/1675014

Url: https://github.com/nextcloud/server/pull/33643

Url: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8f3p-rcm5-mrg3

Url: https://www.mend.io/vulnerability-database/CVE-2022-39329

Severity Score

5.3

Weakness Type (CWE)

Missing Authorization

CWE-862

Incorrect Authorization

CWE-863

Top Fix

Upgrade Version

Upgrade to version v23.0.9,v24.0.5

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2022-39329

Good to know:

Date: October 27, 2022

Language: PHP

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?