Wiz
Vulnerability DatabaseCVE-2019-15621

CVE-2019-15621
Linux openSUSE vulnerability analysis and mitigation

Overview

CVE-2019-15621 is a vulnerability discovered in Nextcloud Server 16.0.1 related to improper permissions preservation. The vulnerability allows sharees to reshare mount points of received shares as public links with write permissions, which could lead to unauthorized access and modifications (OpenSUSE Security, CVE Mitre).

Technical details

The vulnerability is identified as NC-SA-2020-012 in Nextcloud's security advisory system. It specifically affects the sharing mechanism in Nextcloud Server 16.0.1, where the system fails to properly preserve permission restrictions when users reshare mount points they have received (OpenSUSE Security).

Impact

The vulnerability could allow users to escalate their sharing permissions by creating public links with write access to content they should only have read access to, potentially compromising data security and access control mechanisms (OpenSUSE Security).

Mitigation and workarounds

The vulnerability was addressed in subsequent updates to Nextcloud. Users are advised to upgrade to patched versions. The fix was included in Nextcloud 15.0.14 release and was distributed through various platform-specific updates including SUSE Package Hub and openSUSE Backports (OpenSUSE Security).

Additional resources

SourceThis report was generated using AI

Related Linux openSUSE vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-15079MEDIUM5.3
  • cURLcURL
  • libcurl4
NoYesJan 08, 2026
CVE-2025-14819MEDIUM5.3
  • cURLcURL
  • libcurl4
NoYesJan 08, 2026
CVE-2025-14524MEDIUM5.3
  • cURLcURL
  • libcurl-devel
NoYesJan 08, 2026
CVE-2025-15224LOW3.1
  • cURLcURL
  • cpe:2.3:a:haxx:curl
NoYesJan 08, 2026
CVE-2025-14017N/AN/A
  • cURLcURL
  • rust-analysis
NoYesJan 08, 2026

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo