Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mail before 1.4.3 and 1.8.2 allows another authenticated users to access mail metadata of other users. Versions 1.4.3 and 1.8.2 contain patches for this vulnerability; no workarounds other than the patches are known to exist.
History

Wed, 20 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Nextcloud mail
CPEs cpe:2.3:a:nextcloud:nextcloud_mail:*:*:*:*:*:*:*:* cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*
Vendors & Products Nextcloud nextcloud Mail
Nextcloud mail

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-06-01T19:05:11

Updated: 2024-08-03T23:25:31.016Z

Reserved: 2021-05-12T00:00:00

Link: CVE-2021-32652

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-06-01T19:15:07.510

Modified: 2024-11-21T06:07:27.773

Link: CVE-2021-32652

cve-icon Redhat

No data.