Description

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later.

INFO

Published Date :

2024-11-15T17:29:44.840Z

Last Modified :

2024-11-15T18:20:10.869Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-52510 vulnerability.

Vendors Products
Nextcloud
  • Desktop
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-52510.

URL Resource
https://github.com/nextcloud/desktop/commit/97539218e6f63c3a3fd1694cb7d8aef27c5910d7 cve-icon cve-icon
https://github.com/nextcloud/desktop/pull/7333 cve-icon cve-icon
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r4qc-m9mj-452v cve-icon cve-icon
https://hackerone.com/reports/2597504 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact