SB2021102620 - Multiple vulnerabilities in Nextcloud Server
Published: October 26, 2021
Description
This security bulletin contains information about 3 security vulnerabilities.
1) Path traversal (CVE-ID: CVE-2021-41178)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists because the endpoint that serves SVG images does not properly validate the requested path, so directory traversal sequences are not rejected. A remote authenticated attacker can send a specially crafted HTTP request and download arbitrary SVG images from the server. Only files with the SVG extension are reachable, which limits the impact to disclosure of such files.
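The pattern behind this class of bug, shown as an added example that is not Nextcloud's code: a static-icon resolver that strips "../" once and trusts the result (vulnerable) next to one that canonicalises the path and then requires it to stay under the icon directory (hardened). The directory layout, file names and the traversal payload are constructed for the demo.

```python
"""Path-traversal check for a static SVG icon endpoint (illustrative only).

Constructed sample tree (not Nextcloud's real layout):
    <root>/img/filetypes/folder.svg   icon the endpoint is meant to serve
    <root>/config/secret.svg          an SVG outside the icon directory
"""
import tempfile
from pathlib import Path
from typing import Optional


def build_sample_tree() -> Path:
    """Create the constructed tree above in a temporary directory."""
    root = Path(tempfile.mkdtemp(prefix="svg-demo-"))
    (root / "img" / "filetypes").mkdir(parents=True)
    (root / "img" / "filetypes" / "folder.svg").write_text("<svg><!-- folder icon --></svg>")
    (root / "config").mkdir()
    (root / "config" / "secret.svg").write_text("<svg><!-- outside the icon dir --></svg>")
    return root


def resolve_naive(icon_dir: Path, name: str) -> Optional[Path]:
    """Vulnerable pattern: strip '../' once and trust what is left.

    '....//' still contains '../' after a single replace, so a payload such as
    '....//....//config/secret.svg' collapses to '../../config/secret.svg'.
    """
    cleaned = name.replace("../", "")
    if not cleaned.endswith(".svg"):
        return None
    candidate = icon_dir / cleaned
    return candidate if candidate.is_file() else None


def resolve_safe(icon_dir: Path, name: str) -> Optional[Path]:
    """Hardened: canonicalise first, then require the result to stay under icon_dir."""
    base = icon_dir.resolve()
    candidate = (base / name).resolve()      # collapses '..' and symlinks; absolute names replace base
    if base not in candidate.parents:         # escaped the icon directory
        return None
    if candidate.suffix != ".svg" or not candidate.is_file():
        return None
    return candidate


def demo() -> dict:
    """Run both resolvers against a normal name and a traversal payload."""
    root = build_sample_tree()
    icon_dir = root / "img" / "filetypes"
    payload = "....//....//config/secret.svg"   # constructed traversal payload
    return {
        "naive_normal": resolve_naive(icon_dir, "folder.svg") is not None,
        "naive_traversal": resolve_naive(icon_dir, payload) is not None,  # True: escaped
        "safe_normal": resolve_safe(icon_dir, "folder.svg") is not None,
        "safe_traversal": resolve_safe(icon_dir, payload) is None,        # blocked
        "safe_absolute": resolve_safe(icon_dir, "/etc/hostname") is None,  # blocked
    }


if __name__ == "__main__":
    print(demo())
```

The important detail is the order of operations: canonicalise with `resolve()` and only then compare against the base directory. Blacklisting substrings such as "../" before joining is what the vulnerable version does, and double-encoded or nested sequences routinely survive it.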
2) Improper control of interaction frequency (CVE-ID: CVE-2021-41177)
The vulnerability allows a remote attacker to brute-force the second authentication factor.
The vulnerability exists because the application does not rate-limit repeated attempts to submit a two-factor authentication code. A remote attacker who already holds a user's valid password can guess the second factor by brute force and complete the login as that user.
3) Improper Authentication (CVE-ID: CVE-2021-41179)
The vulnerability allows a remote attacker to bypass the two-factor authentication process.
The vulnerability exists because two-factor authentication is not enforced for pages marked as public. A remote attacker who has passed the password check but not the second factor can request such pages within the partially authenticated session and gain unauthorized access to sensitive information.
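Vulnerabilities 2) and 3) are two halves of the same login flow, so one added example (illustrative code, not Nextcloud's implementation; the `Session`, `TotpGuard` and `Router` names, the `public` flag, the attempt budget and the fixed TOTP code are all constructed for this demo) shows both: a second-factor check that refuses once an attempt budget is spent, and a router whose "fixed" dispatcher sends any session that is still waiting for its second factor to the 2FA page even when the requested page is public.

```python
"""Second-factor handling: rate-limited code checks and no 'public page'
shortcut around a pending second factor. All names and values are constructed."""
import hmac
import time
from dataclasses import dataclass, field

MAX_ATTEMPTS = 5        # second-factor tries allowed per window (constructed policy)
WINDOW_SECONDS = 300


@dataclass
class Session:
    user: str                      # "" for an anonymous visitor
    password_ok: bool = False      # first factor done
    second_factor_ok: bool = False # second factor done
    attempts: list = field(default_factory=list)   # timestamps of code checks

    def fully_authenticated(self) -> bool:
        return self.password_ok and self.second_factor_ok


class TotpGuard:
    """Verifies the second factor; refuses once the attempt budget is spent."""

    def __init__(self, expected_code: str, clock=time.monotonic):
        self._expected = expected_code
        self._clock = clock

    def verify(self, session: Session, code: str) -> str:
        now = self._clock()
        session.attempts = [t for t in session.attempts if now - t < WINDOW_SECONDS]
        if len(session.attempts) >= MAX_ATTEMPTS:
            return "rate_limited"          # budget spent: do not even compare the code
        session.attempts.append(now)
        if hmac.compare_digest(code, self._expected):   # constant-time compare
            session.second_factor_ok = True
            return "ok"
        return "wrong_code"


class Router:
    def __init__(self):
        self.routes = {}   # name -> (handler, is_public)

    def add(self, name, handler, public=False):
        self.routes[name] = (handler, public)

    def dispatch_vulnerable(self, name, session):
        """The 'public' flag bypasses every auth check, including a pending 2FA."""
        handler, public = self.routes[name]
        if public or session.fully_authenticated():
            return handler(session)
        return "403"

    def dispatch_fixed(self, name, session):
        """A password-only session must finish 2FA before reaching any page."""
        handler, public = self.routes[name]
        if session.password_ok and not session.second_factor_ok:
            return "redirect:/2fa"
        if public or session.fully_authenticated():
            return handler(session)
        return "403"


def demo() -> dict:
    clock_now = [0.0]                       # constructed, controllable clock
    guard = TotpGuard(expected_code="482913", clock=lambda: clock_now[0])
    attacker = Session(user="alice", password_ok=True)   # knows the password only

    # Brute-force attempt: guesses 000000, 000001, ... Budget stops it after MAX_ATTEMPTS.
    guesses = [guard.verify(attacker, f"{i:06d}") for i in range(MAX_ATTEMPTS + 2)]

    router = Router()
    router.add("share", lambda s: f"share view for {s.user or 'anonymous'}", public=True)
    router.add("files", lambda s: f"files of {s.user}")

    out = {
        "guesses": guesses,
        "vuln_public": router.dispatch_vulnerable("share", attacker),   # runs as alice
        "fixed_public": router.dispatch_fixed("share", attacker),       # sent to 2FA
        "fixed_private": router.dispatch_fixed("files", attacker),      # sent to 2FA
        "fixed_anonymous": router.dispatch_fixed("share", Session(user="")),
    }
    # After the window passes the user may try again; the correct code completes login.
    clock_now[0] += WINDOW_SECONDS
    out["after_window"] = guard.verify(attacker, "482913")
    out["fixed_private_after"] = router.dispatch_fixed("files", attacker)
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Two caveats a deployment needs that the toy leaves out: the attempt counter is keyed on the session object here, so an attacker could reset it by starting a new session; a real limit must be tracked server-side per user account and per source address. And the "pending second factor" state must be checked before any route-level annotation is consulted, because the public flag exists for anonymous visitors, not for half-authenticated ones.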
Remediation
Install the update from the vendor's website. All three issues are fixed in Nextcloud Server 20.0.13, 21.0.5 and 22.2.0; earlier releases on each branch remain affected.
References
- https://hackerone.com/reports/1302155
- https://github.com/nextcloud/server/pull/28726
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-jp9c-vpr3-m5rf
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-fj39-4qx4-m3f2
- https://hackerone.com/reports/1265709
- https://github.com/nextcloud/server/pull/28728
- https://github.com/nextcloud/server/pull/28725
- https://hackerone.com/reports/1322865
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23