Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Nextcloud Server Multiple Vulnerabilities (Sep 2021)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Nextcloud Server is prone to multiple vulnerabilities.
Insight
Insight
The following vulnerabilities exist: - CVE-2021-32766: Nextcloud Text app can disclose existence of folders in 'File Drop' link share - CVE-2021-32800: Bypass of Two Factor Authentication - CVE-2021-32801: Exceptions may have logged Encryption-at-Rest key content - CVE-2021-32802: Preview generation used third-party library not suited for user-generated content
Affected Software
Affected Software
Nextcloud server 20.0.11 and prior, 21.0.x through 21.0.3 and 22.x prior to 22.1.0.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 20.0.12, 21.0.4, 22.1.0 or later.