CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-0895

Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and addressbook has been disclosed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.0%

CVSS Severity

CVSS v3 Score 3.5

CVSS v2 Score 3.5

References

Products affected by CVE-2017-0895

Nextcloud » Nextcloud Server » Version: 10.0.0

cpe:2.3:a:nextcloud:nextcloud_server:10.0.0
Nextcloud » Nextcloud Server » Version: 10.0.1

cpe:2.3:a:nextcloud:nextcloud_server:10.0.1
Nextcloud » Nextcloud Server » Version: 10.0.2

cpe:2.3:a:nextcloud:nextcloud_server:10.0.2
Nextcloud » Nextcloud Server » Version: 10.0.3

cpe:2.3:a:nextcloud:nextcloud_server:10.0.3
Nextcloud » Nextcloud Server » Version: 11.0.0

cpe:2.3:a:nextcloud:nextcloud_server:11.0.0
Nextcloud » Nextcloud Server » Version: 11.0.1

cpe:2.3:a:nextcloud:nextcloud_server:11.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-0895

Products

Pricing

Contact Us