CVE-2019-15623 Vulnerability Details

  /     /     /  

CVE-2019-15623 Metadata Quick Info

CVE Published: 04/02/2020 | CVE Updated: 05/08/2024 | CVE Year: 2019
Source: hackerone | Vendor: n/a | Product: Nextcloud Server
Status : PUBLISHED

CVE-2019-15623 Description

Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it\'s domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-359
CWE Name: Privacy Violation (CWE-359)
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2019-15623 Vulnerability Details