Nextcloud Tables Missing Ownership Check Vulnerability Allows Unauthorized Column Manipulation

Vulnerability

A vulnerability exists in the Nextcloud Tables app, affecting versions 0.4.0 through 0.8.5 and versions from 0.9.0 up to, but not including, 0.9.3. The issue arises from a missing ownership check, which allows a malicious user to create a table and transfer a column into a victim's table. This vulnerability has been addressed in versions 0.8.6 and 0.9.3.

Impact

Exploitation of this vulnerability could lead to unauthorized manipulation of table columns, allowing users to interfere with each other's data.

Reproduction

To reproduce this vulnerability, a user must create a table and then move a column from their table to one belonging to another user. This can be done by exploiting the lack of ownership checks in the application's column management features.
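The flaw class described above, as an added example that is not the Nextcloud Tables code: a simplified in-memory model of a column move that authorizes only the source table, next to a version that authorizes both tables. The class and method names and the user names are hypothetical, and the assumption that the flawed path checks the source side only is made here for illustration.

```python
from dataclasses import dataclass, field


class PermissionDenied(Exception):
    """Raised when the caller does not own a table involved in the move."""


@dataclass
class Table:
    owner: str
    column_ids: set = field(default_factory=set)


class ColumnStore:
    """Hypothetical in-memory stand-in for table/column storage."""

    def __init__(self):
        self.tables = {}        # table id -> Table
        self.column_table = {}  # column id -> id of the table holding it

    def add_table(self, table_id, owner):
        self.tables[table_id] = Table(owner)

    def add_column(self, column_id, table_id):
        self.tables[table_id].column_ids.add(column_id)
        self.column_table[column_id] = table_id

    def _relocate(self, column_id, dest_id):
        dest = self.tables[dest_id]
        self.tables[self.column_table[column_id]].column_ids.discard(column_id)
        dest.column_ids.add(column_id)
        self.column_table[column_id] = dest_id

    def move_column_unchecked(self, caller, column_id, dest_id):
        # Flawed pattern (assumed): only the source side is authorized;
        # the destination table id is trusted as supplied by the caller.
        if self.tables[self.column_table[column_id]].owner != caller:
            raise PermissionDenied("caller does not own the column's table")
        self._relocate(column_id, dest_id)

    def move_column_checked(self, caller, column_id, dest_id):
        # Hardened pattern: authorize every object the request names.
        src = self.tables.get(self.column_table.get(column_id))
        dest = self.tables.get(dest_id)
        # Unknown ids fail the same way as foreign ones, so the error
        # does not reveal which table ids exist.
        if src is None or dest is None or {src.owner, dest.owner} != {caller}:
            raise PermissionDenied("caller must own both tables")
        self._relocate(column_id, dest_id)
```
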

Remediation

Users are advised to update the Nextcloud Tables app to version 0.8.6 or 0.9.3. If a manual update is not possible, the app can be disabled.

Added: Dec 5, 2025, 6:24 PM
Updated: Dec 5, 2025, 6:24 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 6.3
remediation: 7.7
relevance: 1.3
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.