NVD - CVE-2023-35172

Vulnerability Change Records for CVE-2023-35172

Change History

Initial Analysis by NIST 7/05/2023 9:34:36 AM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 21.0.0 up to (excluding) 21.0.9.12 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 22.0.0 up to (excluding) 22.2.10.12 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 23.0.0 up to (excluding) 23.0.12.7 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 24.0.0 up to (excluding) 24.0.12.2 cpe:2.3:a:nextcloud:nextcloud_server:::::-::: versions from (including) 25.0.0 up to (excluding) 25.0.7 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 25.0.0 up to (excluding) 25.0.7 cpe:2.3:a:nextcloud:nextcloud_server:::::-::: versions from (including) 26.0.0 up to (excluding) 26.0.2 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 26.0.0 up to (excluding) 26.0.2
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Changed	Reference Type	https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mjf5-p765-qmr6 No Types Assigned	https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mjf5-p765-qmr6 Vendor Advisory
Changed	Reference Type	https://github.com/nextcloud/server/pull/38267 No Types Assigned	https://github.com/nextcloud/server/pull/38267 Issue Tracking
Changed	Reference Type	https://hackerone.com/reports/1987062 No Types Assigned	https://hackerone.com/reports/1987062 Permissions Required