Multiple vulnerabilities in Nextcloud ios
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2011-0944 CVE-2011-1625 CVE-2011-0935 |
| CWE-ID | CWE-399 CWE-362 CWE-310 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Nextcloud iOS App Other software / Other software solutions |
| Vendor | Nextcloud |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Resource management error
EUVDB-ID: #VU44652
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-0944
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194.
MitigationInstall update from vendor's website.
Vulnerable software versionsNextcloud iOS App: 12.4 - 15.1
CPE2.3- cpe:2.3:a:nextcloud:ios:12.4:*:*:*:*:*:*:*
- cpe:2.3:a:nextcloud:ios:15.0:*:*:*:*:*:*:*
- cpe:2.3:a:nextcloud:ios:15.1:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/viewAlert.x?alertId=24131
https://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d59.shtml
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU44800
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-1625
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629.
MitigationInstall update from vendor's website.
Vulnerable software versionsNextcloud iOS App: 12.2 - 15.1
CPE2.3- cpe:2.3:a:nextcloud:ios:12.2:*:*:*:*:*:*:*
- cpe:2.3:a:nextcloud:ios:12.3:*:*:*:*:*:*:*
- cpe:2.3:a:nextcloud:ios:12.4:*:*:*:*:*:*:*
https://www.cisco.com/en/US/docs/cable/cmts/release/notes/12_2sc/uBR7200/122_33_SCF/caveats.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cryptographic issues
EUVDB-ID: #VU45127
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2011-0935
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685. CVSS score derived from: http://www.cisco.com/en/US/docs/ios/15_1s/release/notes/15_1s_caveats_15_1_2s.html
MitigationInstall update from vendor's website.
Vulnerable software versionsNextcloud iOS App: 15.0 - 15.1
CPE2.3 External linkshttps://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html
https://www.cisco.com/en/US/docs/ios/15_1s/release/notes/15_1s_caveats_15_1_1s.html
https://www.securityfocus.com/bid/47407
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
