{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "12.0.11" }, { "introduced": "13.0.0" }, { "fixed": "13.0.6" }, { "introduced": "0" }, { "last_affected": "14.0.0-beta1" }, { "introduced": "0" }, { "last_affected": "14.0.0-beta2" }, { "introduced": "0" }, { "last_affected": "14.0.0-beta3" }, { "introduced": "0" }, { "last_affected": "14.0.0-beta4" }, { "introduced": "0" }, { "last_affected": "14.0.0-rc1" }, { "introduced": "0" }, { "last_affected": "14.0.0-rc2" } ] }, "events": [ { "introduced": "0" }, { "fixed": "b604bf28358d259085308f8769e841a3160b8736" }, { "introduced": "3b4285e13f6b1ec074b98466f49e189101f090bc" }, { "fixed": "2a973843f0acf084ba62d41f7d2c1526b5f8f4d1" }, { "introduced": "0" }, { "last_affected": "adcc061166ab86bd39b004bd85847320fdd2d525" }, { "introduced": "0" }, { "last_affected": "9891eae232d77391699d3be908ed03426779d4d2" }, { "introduced": "0" }, { "last_affected": "def2bf2086b00b5bb00b362a5a50840fdf8b4cc0" }, { "introduced": "0" }, { "last_affected": "bdead84ec68001377e599230e86c3ea18d277a13" }, { "introduced": "0" }, { "last_affected": "9823c7197150e4134490c043c2e2e53733eae783" }, { "introduced": "0" }, { "last_affected": "c31632ccdf5c9a76499ad36b40c8cf52c1602754" } ], "repo": "https://github.com/nextcloud/server", "type": "GIT" } ] } ], "details": "Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.", "id": "CVE-2018-16466", "modified": "2026-03-13T21:51:35.608304704Z", "published": "2018-10-30T21:29:00.793Z", "references": [ { "type": "ADVISORY", "url": "https://hackerone.com/reports/388515" }, { "type": "ADVISORY", "url": "https://nextcloud.com/security/advisory/?id=NC-SA-2018-010" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "type": "CVSS_V3" } ] }