Nextcloud Security-Advisories vulnerabilities
234 known vulnerabilities affecting nextcloud/security-advisories.
Total CVEs: 234 | CISA KEV: 0 | Public exploits: 0 | Exploited in wild: 0
Severity breakdown: CRITICAL 11 | HIGH 42 | MEDIUM 157 | LOW 24
Vulnerabilities
Page 11 of 12
CVE-2021-32800 | HIGH | CVSS 8.1 | CWE-306 | fixed in 20.0.12 | affected >= 21.0.0, < 21.0.4 (+1 more) | 2021-09-07
Nextcloud server is an open source, self-hosted personal cloud. In affected versions an attacker is able to bypass two-factor authentication in Nextcloud. Thus knowledge of a password, or access to a WebAuthn trusted device of a user, was sufficient to gain access to an account. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4
Sources: cvelistv5, nvd
CVE-2021-32782 | MEDIUM | CVSS 5.4 | CWE-79 | fixed in 0.19.1 | affected >= 0.20.0, < 0.20.10 (+1 more) | 2021-09-07
Nextcloud Circles is an open source social network built for the Nextcloud ecosystem. In affected versions the Nextcloud Circles application is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. Due to the strict Content-Security-Policy shipped with Nextcloud, this issue is not exploitable on modern browsers supporting Content-Security-Pol
Sources: cvelistv5, nvd
CVE-2021-37631 | MEDIUM | CVSS 6.5 | CWE-639 | fixed in 1.2.9 | affected >= 1.3.0, < 1.4.4 (+1 more) | 2021-09-07
Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn't properly check membership of users in a Circle. This allowed other users in the instance to gain access to boards that have been shared with a Circle, even if
Sources: cvelistv5, nvd
CVE-2021-32766 | MEDIUM | CVSS 5.3 | CWE-209 | fixed in 20.0.12 | affected >= 21.0.0, < 21.0.4 (+1 more) | 2021-09-07
Nextcloud Text is an open source plaintext editing application which ships with the Nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link share has been created with "Upload Only" privileges. (ak
Sources: cvelistv5, nvd
CVE-2021-32801 | MEDIUM | CVSS 5.5 | CWE-532 | fixed in 20.0.12 | affected >= 21.0.0, < 21.0.4 (+1 more) | 2021-09-07
Nextcloud server is an open source, self-hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. If upgrading is not an option users are ad
Sources: cvelistv5, nvd
CVE-2021-37629 | MEDIUM | CVSS 5.3 | CWE-200 | fixed in 3.8.4 | affected >= 4.0.0, < 4.2.1 | 2021-09-07
Nextcloud Richdocuments is an open source collaborative office suite. In affected versions there is a lack of rate limiting on the Richdocuments OCS endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. It is recommended that the Nextcloud Richdocuments app is upgraded to either 3.8.4 or 4.2.1 to resolve. For users
Sources: cvelistv5, nvd
CVE-2021-37630 | MEDIUM | CVSS 6.5 | CWE-639 | fixed in 0.19.15 | affected >= 0.20.0, < 0.20.11 (+1 more) | 2021-09-07
Nextcloud Circles is an open source social network built for the Nextcloud ecosystem. In affected versions the Nextcloud Circles application allowed any user to join any "Secret Circle" without approval by the Circle owner, leaking private information. It is recommended that Nextcloud Circles is upgraded to 0.19.15, 0.20.11 or 0.21.4. There are no wo
Sources: cvelistv5, nvd
CVE-2021-37617 | HIGH | CVSS 7.3 | CWE-426 | affected >= 3.0.3, <= 3.2.4 | 2021-08-18
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. The Nextcloud Desktop Client invokes its uninstaller script when being installed to make sure there are no remnants of previous installations. In versions 3.0.3 through 3.2.4, the Client searches for the `Uninstall.exe` file in a folder that can be written b
Sources: cvelistv5, nvd
CVE-2021-32728 | MEDIUM | CVSS 6.5 | CWE-295 | fixed in 3.3.0 | 2021-08-18
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a private key belongs to previously downloaded public certific
Sources: cvelistv5, nvd
CVE-2021-32748 | MEDIUM | CVSS 4.3 | CWE-862 | fixed in 3.8.3 | affected >= 4.0.0, < 4.2.0 | 2021-07-27
Nextcloud Richdocuments is an open source, self-hosted online office. Nextcloud uses the WOPI ("Web Application Open Platform Interface") protocol to communicate with the Collabora Editor; the communication between these two services was not protected by a credential or IP check. Whilst this does not result in gaining access to data that the user ha
Sources: cvelistv5, nvd
CVE-2021-32726 | CRITICAL | CVSS 9.8 | CWE-708 | fixed in 19.0.13 | affected >= 20.0.0, < 20.0.11 (+1 more) | 2021-07-12
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, WebAuthn tokens were not deleted after a user had been deleted. If a victim reused an earlier used username, the previous user could gain access to their account. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There a
Sources: cvelistv5, nvd
CVE-2021-32727 | HIGH | CVSS 7.5 | CWE-295 | fixed in 3.16.1 | 2021-07-12
Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.16.1, the Nextcloud Android client skipped a step that involved the client checking if a private key belonged to a previously downloaded public certifica
Sources: cvelistv5, nvd
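The check that both the desktop client (CVE-2021-32728) and the Android client (CVE-2021-32727) skipped, shown as an added example that is not the code of either Nextcloud client: before accepting a private key fetched from the server, recompute its public half and compare it with the public key in the user's certificate, then prove the pairing with a sign-and-verify round trip on a fresh nonce. Toy-sized textbook RSA with inline primes stands in for the RSA-2048 keys and X.509 certificates the real clients use; the `make_keypair`, `private_key_matches_cert` and `run_checks` names and the sample keys are this example's own assumptions.

```python
from secrets import randbelow

# Toy-sized textbook RSA (no padding, small primes) stands in for the real clients'
# RSA-2048 keys and X.509 certificates; it is here only to show the pairing check.


def make_keypair(p, q, e=65537):
    """Build a (public, private) pair from two primes: public = (n, e), private = (n, e, d)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return {"n": n, "e": e}, {"n": n, "e": e, "d": d}


def private_key_matches_cert(cert, private_key):
    """The step the vulnerable clients skipped: refuse a server-supplied private key
    unless it provably belongs to the public key in the user's certificate."""
    pub = cert["public_key"]
    # Structural check: the public parameters carried by the private key must equal the cert's.
    if private_key["n"] != pub["n"] or private_key["e"] != pub["e"]:
        return False
    # Functional check: sign a fresh nonce with the private key, verify with the certificate.
    # This catches a key that reuses the right modulus but carries a wrong private exponent.
    nonce = 2 + randbelow(pub["n"] - 2)
    signature = pow(nonce, private_key["d"], private_key["n"])
    return pow(signature, pub["e"], pub["n"]) == nonce


# Constructed sample: the user's genuine key pair (assumed primes), and the pair a server
# under attacker control could hand out instead of it.
alice_pub, alice_priv = make_keypair(1000000007, 998244353)
ALICE_CERT = {"subject": "alice@example.org", "public_key": alice_pub}

mallory_pub, mallory_priv = make_keypair(1000000009, 1000000021)

# Same modulus and public exponent as Alice's, but a corrupted private exponent.
bad_d_priv = dict(alice_priv, d=alice_priv["d"] ^ 0x1)


def run_checks():
    """Outcome of the pairing check for each candidate private key."""
    return {
        "genuine": private_key_matches_cert(ALICE_CERT, alice_priv),
        "attacker_supplied": private_key_matches_cert(ALICE_CERT, mallory_priv),
        "corrupted_exponent": private_key_matches_cert(ALICE_CERT, bad_d_priv),
    }


if __name__ == "__main__":
    for name, ok in run_checks().items():
        print(f"{name}: {'accept' if ok else 'reject'}")
```

The structural comparison alone is not enough: a key that reuses the victim's modulus with a wrong private exponent passes it and only fails the round trip, and only the round trip shows the key can actually be used with the certificate. Real clients should do both through their crypto library's key objects rather than with raw modular arithmetic.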
CVE-2021-32688 | HIGH | CVSS 8.8 | CWE-285 | fixed in 19.0.13 | affected >= 20.0.0, < 20.0.11 (+1 more) | 2021-07-12
Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server supports application-specific tokens for authentication purposes. These tokens are supposed to be granted to specific applications (e.g. DAV sync clients), and can also be configured by the user to not have any filesystem access. Due to a lacking permission check, th
Sources: cvelistv5, nvd
CVE-2021-32679 | HIGH | CVSS 8.8 | CWE-116 | fixed in 19.0.13 | affected >= 20.0.0, < 20.0.11 (+1 more) | 2021-07-12
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, filenames were not escaped by default in controllers using `DownloadResponse`. When a user-supplied filename was passed unsanitized into a `DownloadResponse`, this could be used to trick users into downloading malicious files with a b
Sources: cvelistv5, nvd
CVE-2021-32705 | HIGH | CVSS 7.5 | CWE-799 | fixed in 19.0.13 | affected >= 20.0.0, < 20.0.11 (+1 more) | 2021-07-12
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, there was a lack of rate limiting on the public DAV endpoint. This may have allowed an attacker to enumerate potentially valid share tokens or credentials. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There are no known
Sources: cvelistv5, nvd
CVE-2021-32741 | MEDIUM | CVSS 5.3 | CWE-799 | fixed in 19.0.13 | affected >= 20.0.0, < 20.0.11 (+1 more) | 2021-07-12
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, there was a lack of rate limiting on the public share link mount endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There are no known
Sources: cvelistv5, nvd
CVE-2021-32689 | MEDIUM | CVSS 6.5 | CWE-200 | fixed in 11.2.2 | 2021-07-12
Nextcloud Talk is a fully on-premises audio/video and chat communication service. In versions prior to 11.2.2, if a user was able to reuse an earlier used username, they could get access to any chat message sent to the previous user with this username. The issue was patched in versions 11.2.2 and 11.3.0. As a workaround, don't allow users to choose u
Sources: cvelistv5, nvd
CVE-2021-32703 | MEDIUM | CVSS 5.3 | CWE-799 | fixed in 19.0.13 | affected >= 20.0.0, < 20.0.11 (+1 more) | 2021-07-12
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, there was a lack of rate limiting on the shareinfo endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds.
Sources: cvelistv5, nvd
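Four entries on this page (CVE-2021-37629, CVE-2021-32705, CVE-2021-32741 and CVE-2021-32703) describe the same weakness: a token-bearing endpoint with no rate limiting, which lets a client walk the share-token space. The block below is an added example, not Nextcloud code, of how to hunt for that in the reverse proxy's access log: it groups token-bearing requests per client IP and flags any IP that tries many distinct tokens inside a short window and is mostly rejected. Assumptions: combined-format log lines, `/s/<token>` as the public share link and `/public.php/webdav` as the public WebDAV endpoint with the token recorded in the remote-user field; the log lines, thresholds and function names are constructed for this example.

```python
import re
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta, timezone

Hit = namedtuple("Hit", "ip user ts path status")

# One "combined" access-log line as an Apache/nginx reverse proxy in front of Nextcloud
# would write it (assumed format; adjust the pattern to your own logs).
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
SHARE_LINK_RE = re.compile(r"^/s/(?P<token>[A-Za-z0-9]+)")  # public share link
PUBLIC_DAV = "/public.php/webdav"                           # public WebDAV endpoint


def share_token(path, user):
    """Return the share token a request is trying, or None for requests that carry no token."""
    m = SHARE_LINK_RE.match(path)
    if m:
        return m.group("token")
    if path.startswith(PUBLIC_DAV) and user != "-":
        # Public WebDAV authenticates with the token as the HTTP Basic username; this assumes
        # the proxy records that username in the remote-user field of the log line.
        return user
    return None


def parse_line(line):
    """Parse one log line into a Hit, or None if the line does not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return Hit(m.group("ip"), m.group("user"), ts, m.group("path"), int(m.group("status")))


def find_enumeration(lines, window=timedelta(minutes=5), min_tokens=20, min_miss_ratio=0.8):
    """Per client IP, the largest number of distinct share tokens tried inside any `window`
    in which at least `min_miss_ratio` of the tries were rejected (401/404). Legitimate
    recipients reuse one or a few tokens and succeed; a guesser burns many and fails."""
    by_ip = defaultdict(list)
    for line in lines:
        hit = parse_line(line)
        if hit is None:
            continue
        token = share_token(hit.path, hit.user)
        if token is not None:
            by_ip[hit.ip].append((hit.ts, token, hit.status))

    alerts = {}
    for ip, tries in by_ip.items():
        tries.sort()
        start = 0
        for end in range(len(tries)):
            # Slide the window start forward until the span fits inside `window`.
            while tries[end][0] - tries[start][0] > window:
                start += 1
            span = tries[start:end + 1]
            distinct = {tok for _, tok, _ in span}
            misses = sum(1 for _, _, status in span if status in (401, 404))
            if len(distinct) >= min_tokens and misses / len(span) >= min_miss_ratio:
                alerts[ip] = max(alerts.get(ip, 0), len(distinct))
    return alerts


def _line(ip, user, ts, method, path, status):
    """Emit one constructed combined-format log line."""
    stamp = ts.strftime("%d/%b/%Y:%H:%M:%S %z")
    return f'{ip} - {user} [{stamp}] "{method} {path} HTTP/1.1" {status} 0 "-" "curl/7.68.0"'


T0 = datetime(2021, 9, 7, 10, 0, tzinfo=timezone.utc)
SAMPLE_LINES = (
    # constructed: one client walking the token space, every guess rejected
    [_line("203.0.113.7", "-", T0 + timedelta(seconds=4 * i), "GET", f"/s/guess{i:010d}", 404)
     for i in range(22)]
    + [_line("203.0.113.7", f"guess{i:010d}", T0 + timedelta(seconds=4 * i), "PROPFIND",
             "/public.php/webdav/", 401) for i in range(22, 25)]
    # constructed: recipients opening the links they were actually sent
    + [_line("198.51.100.4", "-", T0 + timedelta(seconds=30 * i), "GET", "/s/Ab3dEf9hJkLmN2p", 200)
       for i in range(3)]
    + [_line("192.0.2.9", "-", T0 + timedelta(seconds=10 * i), "GET", f"/s/real{i:011d}", 200)
       for i in range(5)]
)

if __name__ == "__main__":
    print(find_enumeration(SAMPLE_LINES))
```

The thresholds are starting points; tune `min_tokens` against how many distinct links a real recipient opens in five minutes on your instance. The fixed server versions add rate limiting, but an enumeration attempt still shows up as exactly this pattern, so the query stays useful after patching.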
CVE-2021-32734 | MEDIUM | CVSS 5.3 | CWE-209 | fixed in 19.0.13 | affected >= 20.0.0, < 20.0.11 (+1 more) | 2021-07-12
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3.
Sources: cvelistv5, nvd
CVE-2021-32733 | MEDIUM | CVSS 6.1 | CWE-79 | fixed in 19.0.13 | affected >= 20.0.0, < 20.0.11 (+1 more) | 2021-07-12
Nextcloud Text is a collaborative document editing application that uses Markdown. A cross-site scripting vulnerability is present in versions prior to 19.0.13, 20.0.11, and 21.0.3. The Nextcloud Text application shipped with Nextcloud server used a `text/html` Content-Type when serving files to users. Due to the strict Content-Security-Policy shipped w
Sources: cvelistv5, nvd
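CVE-2021-32679 and CVE-2021-32733 are two faces of one mistake, trusting user-supplied metadata when serving a file: an unescaped filename in `DownloadResponse`, and user content delivered as `text/html`. The block below is an added example, not Nextcloud's `DownloadResponse`, of the response-side hardening for both: a filename encoder that strips header-breaking characters and escapes the quoted-string, beside the vulnerable pattern for comparison, and a header set that downgrades active MIME types to inert text and turns off content sniffing. The function names and the `ACTIVE_TYPES` list are this example's own choices.

```python
from urllib.parse import quote

# MIME types a browser renders as active content; user-uploaded files must never be
# served inline under any of these (assumed list, extend for your own deployment).
ACTIVE_TYPES = {"text/html", "application/xhtml+xml", "image/svg+xml",
                "text/xml", "application/xml"}


def content_disposition_unsafe(filename):
    """The vulnerable pattern: a user-controlled name dropped verbatim into the header."""
    return f'attachment; filename="{filename}"'


def content_disposition(filename, fallback="download"):
    """Hardened form: control characters removed, the quoted-string escaped, and the
    full Unicode name carried in the RFC 5987 filename* parameter."""
    # CR/LF would terminate the header and let the name smuggle in further headers.
    name = "".join(ch for ch in filename if ch >= " " and ch != "\x7f") or fallback
    # The ASCII fallback must escape the two characters that can alter a quoted-string.
    ascii_name = name.encode("ascii", "ignore").decode() or fallback
    ascii_name = ascii_name.replace("\\", "\\\\").replace('"', '\\"')
    encoded = quote(name.encode("utf-8"), safe="")
    return f"attachment; filename=\"{ascii_name}\"; filename*=UTF-8''{encoded}"


def download_headers(filename, content_type="application/octet-stream"):
    """Response headers for serving a user-supplied file. Active types are downgraded to
    inert text and sniffing is disabled so the browser cannot promote the body to HTML."""
    if content_type.split(";")[0].strip().lower() in ACTIVE_TYPES:
        content_type = "text/plain; charset=utf-8"
    return {
        "Content-Type": content_type,
        "Content-Disposition": content_disposition(filename),
        "X-Content-Type-Options": "nosniff",
        # Extra layer: even if something does render it, it runs with no origin or scripts.
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


if __name__ == "__main__":
    payload = 'report.pdf"; filename="evil.exe'
    print("unsafe:  ", content_disposition_unsafe(payload))
    print("hardened:", content_disposition(payload))
    for k, v in download_headers("notes.md", "text/html").items():
        print(f"{k}: {v}")
```

Feed the unsafe variant `report.pdf"; filename="evil.exe` and the header it emits names a second filename, which is the trick the CVE-2021-32679 text describes; the hardened variant leaves the browser one escaped name plus a percent-encoded copy. The CSP `sandbox` directive is an added defence-in-depth layer, not part of the fix the advisories describe.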