CVE-2020-8182

High

Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had…

hackerone·CWE-284·Published 2020-10-05

CVSS

8.0

EPSS

0.01

KEV

Exploits

cve.orgen

150 chars

Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves.

NVDen

150 chars

Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves.

Un control de acceso inapropiado en Nextcloud Deck versión 0.8.0, permitió a un atacante volver a compartir tableros compartidos con estos con más permisos de los que ellos mismos tenían

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.0	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P
3.1	Primary	NVD	8.0	2.1	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H