vulnerability

SUSE: CVE-2021-32800: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:L/Au:N/C:P/I:P/A:N)	Sep 7, 2021	Sep 15, 2021	Oct 26, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:N)

Published

Sep 7, 2021

Added

Sep 15, 2021

Modified

Oct 26, 2022

Description

Nextcloud server is an open source, self hosted personal cloud. In affected versions an attacker is able to bypass Two Factor Authentication in Nextcloud. Thus knowledge of a password, or access to a WebAuthN trusted device of a user was sufficient to gain access to an account. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. There are no workaround for this vulnerability.

Solutions

suse-upgrade-nextcloudsuse-upgrade-nextcloud-apache

References

CVE-2021-32800
https://attackerkb.com/topics/CVE-2021-32800

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today