Description
A vulnerability classified as critical has been found in FileCloud. Affected is an unknown function of the component NTFS Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-201960.
References (4)
Core 4
Core References
Third Party Advisory vdb-entry
https://vuldb.com/?id.201960
Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.201960
Vendor Advisory related
https://www.filecloud.com/supportdocs/fcdoc/2v/server/security-advisories/2022-security-advisories/advisory-2022-06-01-potential-unauthorized-data-access-when-using-network-folders-with-ntfs-permissions
Third Party Advisory related
https://www.scip.ch/?news.20220615
Scores
CVSS v3
6.3
EPSS
0.0068
EPSS Percentile
47.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-284
Status
published
Products (1)
filecloud/filecloud
21.2 - 21.3.5.18513
Published
Jun 15, 2022
Tracked Since
Feb 18, 2026