CVE-2024-22404
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-22404 is a vulnerability affecting the Nextcloud Files Zip app. In certain versions of the app, users can download "view-only" files by zipping the entire folder. To mitigate this vulnerability, it is recommended to upgrade the Files ZIP app to version 1.2.1, 1.4.1, or 1.5.0. Alternatively, if upgrading is not possible, disabling the file zip app is advised. This vulnerability has a risk score of 10 and a base severity of MEDIUM according to [email protected]. The confidentiality impact is rated as LOW and there is no integrity impact or availability impact identified.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions