Lucene search
PRIOn knowledge basePRION:CVE-2021-32657HistoryJun 01, 2021 - 10:15 p.m.
Command injection
2021-06-0122:15:00
PRIOn knowledge base
www.prio-n.com
7
Nextcloud Server is a Nextcloud package that handles data storage. In versions of Nextcloud Server prior to 10.0.11, 20.0.10, and 21.0.2, a malicious user may be able to break the user administration page. This would disallow administrators to administrate users on the Nextcloud instance. The vulnerability is fixed in versions 19.0.11, 20.0.10, and 21.0.2. As a workaround, administrators can use the OCC command line tool to administrate the Nextcloud users.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nextcloud_server | lt | 19.0.11 | |
| nextcloud_server | ge | 20.0.0 | |
| nextcloud_server | lt | 20.0.10 | |
| nextcloud_server | ge | 21.0.0 | |
| nextcloud_server | lt | 21.0.2 |
Related
cve
cve
CVE-2021-32657
2021-06-01 22:15:08
nextcloud
nextcloud
Malicious user could break user administration page
2021-06-01 18:19:34
hackerone
hackerone
cvelist
cvelist
CVE-2021-32657 Malicious user could break user administration page
2021-06-01 22:10:10
nvd
nvd
CVE-2021-32657
2021-06-01 22:15:08
osv
osv
CVE-2021-32657
2021-06-01 22:15:08
openvas
openvas
Nextcloud Server Multiple Vulnerabilities (May 2021)
2021-06-02 00:00:00
nessus
nessus
GLSA-202208-17 : Nextcloud: Multiple Vulnerabilities
2022-08-16 00:00:00
gentoo
gentoo
Nextcloud: Multiple Vulnerabilities
2022-08-10 00:00:00