Vulnerabilities > CVE-2019-15610 - Incorrect Authorization vulnerability in Nextcloud Circles

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
nextcloud
CWE-863

Summary

Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle.

Common Weakness Enumeration (CWE)