Privilege Escalation Vulnerability in NextCloud Packaging for openSUSE
CVE-2017-9286 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
The packaging of NextCloud in openSUSE used /srv/www/htdocs in an unsafe manner, which could have allowed scripts running as wwwrun user to escalate privileges to root during nextcloud package upgrade.
Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.