{"containers": {"cna": {"affected": [{"product": "Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4", "vendor": "n/a", "versions": [{"status": "affected", "version": "Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4"}]}], "datePublic": "2017-03-27T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access to a read-only share to put new files in there. It was not possible to modify existing files."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-275", "description": "Permission Issues (CWE-275)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-04-03T09:57:01.000Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-014"}, {"tags": ["x_refsource_MISC"], "url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-004"}, {"name": "97276", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/97276"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/owncloud/core/commit/acbbadb71ceee7f01da347f7dcd519beda78cc47"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/owncloud/core/commit/c0a4b7b3f38ad2eaf506484b3b92ec678cb021c9"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/owncloud/core/commit/121a3304a0c37ccda0e1b63ddc528cba9121a36e"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/owncloud/core/commit/0622e635d97cb17c5e1363e370bb8268cc3d2547"}, {"tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/145950"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/server/commit/3491400261c1454a9a30d3ec96969573330120cc"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "support@hackerone.com", "ID": "CVE-2016-9461", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4", "version": {"version_data": [{"version_value": "Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access to a read-only share to put new files in there. It was not possible to modify existing files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Permission Issues (CWE-275)"}]}]}, "references": {"reference_data": [{"name": "https://owncloud.org/security/advisory/?id=oc-sa-2016-014", "refsource": "MISC", "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-014"}, {"name": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-004", "refsource": "MISC", "url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-004"}, {"name": "97276", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97276"}, {"name": "https://github.com/owncloud/core/commit/acbbadb71ceee7f01da347f7dcd519beda78cc47", "refsource": "MISC", "url": "https://github.com/owncloud/core/commit/acbbadb71ceee7f01da347f7dcd519beda78cc47"}, {"name": "https://github.com/owncloud/core/commit/c0a4b7b3f38ad2eaf506484b3b92ec678cb021c9", "refsource": "MISC", "url": "https://github.com/owncloud/core/commit/c0a4b7b3f38ad2eaf506484b3b92ec678cb021c9"}, {"name": "https://github.com/owncloud/core/commit/121a3304a0c37ccda0e1b63ddc528cba9121a36e", "refsource": "MISC", "url": "https://github.com/owncloud/core/commit/121a3304a0c37ccda0e1b63ddc528cba9121a36e"}, {"name": "https://github.com/owncloud/core/commit/0622e635d97cb17c5e1363e370bb8268cc3d2547", "refsource": "MISC", "url": "https://github.com/owncloud/core/commit/0622e635d97cb17c5e1363e370bb8268cc3d2547"}, {"name": "https://hackerone.com/reports/145950", "refsource": "MISC", "url": "https://hackerone.com/reports/145950"}, {"name": "https://github.com/nextcloud/server/commit/3491400261c1454a9a30d3ec96969573330120cc", "refsource": "MISC", "url": "https://github.com/nextcloud/server/commit/3491400261c1454a9a30d3ec96969573330120cc"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:50:38.345Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-014"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-004"}, {"name": "97276", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/97276"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/owncloud/core/commit/acbbadb71ceee7f01da347f7dcd519beda78cc47"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/owncloud/core/commit/c0a4b7b3f38ad2eaf506484b3b92ec678cb021c9"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/owncloud/core/commit/121a3304a0c37ccda0e1b63ddc528cba9121a36e"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/owncloud/core/commit/0622e635d97cb17c5e1363e370bb8268cc3d2547"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/145950"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nextcloud/server/commit/3491400261c1454a9a30d3ec96969573330120cc"}]}]}, "cveMetadata": {"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2016-9461", "datePublished": "2017-03-28T02:46:00.000Z", "dateReserved": "2016-11-19T00:00:00.000Z", "dateUpdated": "2024-08-06T02:50:38.345Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC479D9A-DAEB-42B6-98D7-0A417B34359D", "versionEndExcluding": "9.0.52", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "3FAD2663-CE0E-4AB0-90C5-D47124458AAC", "versionEndExcluding": "9.0.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access to a read-only share to put new files in there. It was not possible to modify existing files."}, {"lang": "es", "value": "Nextcloud Server en versiones anteriores a 9.0.52 & ownCloud Server en versiones anteriores a 9.0.4 no est\u00e1n verificando correctamente los permisos de comprobaci\u00f3n de edici\u00f3n en las acciones de copia de WebDAV. El punto final WebDAV no comprueba correctamente el permiso en una acci\u00f3n WebDAV COPY. Esto permiti\u00f3 a un atacante autenticado con acceso a un recurso compartido de solo lectura para poner all\u00ed nuevos archivos. No fue posible modificar los archivos existentes."}], "id": "CVE-2016-9461", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-03-28T02:59:00.840", "references": [{"source": "support@hackerone.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97276"}, {"source": "support@hackerone.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/nextcloud/server/commit/3491400261c1454a9a30d3ec96969573330120cc"}, {"source": "support@hackerone.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/owncloud/core/commit/0622e635d97cb17c5e1363e370bb8268cc3d2547"}, {"source": "support@hackerone.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/owncloud/core/commit/121a3304a0c37ccda0e1b63ddc528cba9121a36e"}, {"source": "support@hackerone.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/owncloud/core/commit/acbbadb71ceee7f01da347f7dcd519beda78cc47"}, {"source": "support@hackerone.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/owncloud/core/commit/c0a4b7b3f38ad2eaf506484b3b92ec678cb021c9"}, {"source": "support@hackerone.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/145950"}, {"source": "support@hackerone.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-004"}, {"source": "support@hackerone.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-014"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97276"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/nextcloud/server/commit/3491400261c1454a9a30d3ec96969573330120cc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/owncloud/core/commit/0622e635d97cb17c5e1363e370bb8268cc3d2547"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/owncloud/core/commit/121a3304a0c37ccda0e1b63ddc528cba9121a36e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/owncloud/core/commit/acbbadb71ceee7f01da347f7dcd519beda78cc47"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/owncloud/core/commit/c0a4b7b3f38ad2eaf506484b3b92ec678cb021c9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/145950"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-004"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-014"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-275"}], "source": "support@hackerone.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}