Oval Definition:	oval:org.opensuse.security:def:20170936
Revision Date: 2019-09-27 Version: 1 Title: CVE-2017-0936 Description: Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither disclosed nor could the error be misused to identify as another user. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-0936 Platform(s): openSUSE Leap 42.3 Product(s): Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information nextcloud-13.0.1-6 is installed AND nextcloud is signed with openSUSE key
BACK