CVE-2019-5453

Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider.
References
Link Resource
https://hackerone.com/reports/331489 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nextcloud:nextcloud:*:*:*:*:*:android:*:*
cpe:2.3:a:nextcloud:nextcloud:3.3.0:rc1:*:*:*:android:*:*
cpe:2.3:a:nextcloud:nextcloud:3.3.0:rc2:*:*:*:android:*:*
cpe:2.3:a:nextcloud:nextcloud:3.3.0:rc3:*:*:*:android:*:*

History

No history.

Information

Published : 2019-07-30 21:15

Updated : 2024-02-04 20:20


NVD link : CVE-2019-5453

Mitre link : CVE-2019-5453

CVE.ORG link : CVE-2019-5453


JSON object : View

Products Affected

nextcloud

  • nextcloud
CWE
CWE-287

Improper Authentication

CWE-288

Authentication Bypass Using an Alternate Path or Channel