vulnerability

Gentoo Linux: CVE-2021-32800: Nextcloud: Multiple Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:L/Au:N/C:P/I:P/A:N)	Sep 7, 2021	Aug 11, 2022	Aug 13, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:N)

Published

Sep 7, 2021

Added

Aug 11, 2022

Modified

Aug 13, 2025

Description

Nextcloud server is an open source, self hosted personal cloud. In affected versions an attacker is able to bypass Two Factor Authentication in Nextcloud. Thus knowledge of a password, or access to a WebAuthN trusted device of a user was sufficient to gain access to an account. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. There are no workaround for this vulnerability.

Solution

gentoo-linux-upgrade-www-apps-nextcloud

References

CVE-2021-32800
https://attackerkb.com/topics/CVE-2021-32800
CWE-306
GENTOO-202208-17

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today