CVE-2022-31118

MEDIUM Year: 2022
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-770
View all →

Vulnerability Description

Nextcloud server is an open source personal cloud solution. In affected versions an attacker could brute force to find if federated sharing is being used and potentially try to brute force access tokens for federated shares (`a-zA-Z0-9` ^ 15). It is recommended that the Nextcloud Server is upgraded to 22.2.9, 23.0.6 or 24.0.2. Users unable to upgrade may disable federated sharing via the Admin Sharing settings in `index.php/settings/admin/sharing`.

Related Vulnerabilities

CVE-2005-4650

MEDIUM
CVSS:5.3(Medium)

Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots.

CWE-7702005

CVE-2008-5180

MEDIUM
CVSS:5.3(Medium)

Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigg...

CWE-7702008

CVE-2017-18899

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It mishandles IP-based rate limiting.

CWE-7702017

CVE-2018-0006

MEDIUM
CVSS:5.3(Medium)

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to...

CWE-7702018

CVE-2019-0005

MEDIUM
CVSS:5.3(Medium)

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been b...

CWE-7702019

CVE-2019-15165

MEDIUM
CVSS:5.3(Medium)

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

CWE-7702019