CVE-2021-32705: Lack of ratelimit on public DAV endpoint
First published: Mon Jul 12 2021(Updated: )
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public DAV endpoint. This may have allowed an attacker to enumerate potentially valid share tokens or credentials. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nextcloud Server | <19.0.13 | |
| Nextcloud Server | >=20.0.0<20.0.11 | |
| Nextcloud Server | >=21.0.0<21.0.3 | |
| Red Hat Fedora | =33 | |
| Red Hat Fedora | =34 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-fjv7-283f-5m54
- https://github.com/nextcloud/server/pull/27610
- https://hackerone.com/reports/1192159
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BVZS26RDME2DYTKET5AECRIZDFUGR2AZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J63NBVPR2AQCAWRNDOZSGRY5II4WS2CZ/
- https://security.gentoo.org/glsa/202208-17
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J63NBVPR2AQCAWRNDOZSGRY5II4WS2CZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BVZS26RDME2DYTKET5AECRIZDFUGR2AZ/
Frequently Asked Questions
What is the severity of CVE-2021-32705?
CVE-2021-32705 has a medium severity level due to the potential for credential enumeration.
How do I fix CVE-2021-32705?
To fix CVE-2021-32705, upgrade your Nextcloud Server to version 19.0.13, 20.0.11 or above, or 21.0.3 or above.
Which versions of Nextcloud Server are affected by CVE-2021-32705?
Versions prior to 19.0.13, 20.0.11, and 21.0.3 of Nextcloud Server are affected by CVE-2021-32705.
Can CVE-2021-32705 allow an attacker to exploit my Nextcloud server?
Yes, CVE-2021-32705 can allow an attacker to enumerate valid share tokens or credentials due to lack of ratelimiting.
Is there any mitigation for CVE-2021-32705 besides updating?
Currently, updating to the patched versions is the recommended and primary mitigation for CVE-2021-32705.
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/nextcloud
- canonical/nextcloud server
- version/nextcloud server/20.0.0
- version/nextcloud server/21.0.0
- vendor/fedoraproject
- canonical/red hat fedora
- version/red hat fedora/33
- version/red hat fedora/34