cnvd - cnvd-2022-18418

cnvd-2022-18418

Vulnerability from cnvd

Title: Nextcloud存在未明漏洞（CNVD-2022-18418）

Description:

Nextcloud是德国Nextcloud公司的一套开源的自托管文件同步和共享的通信应用平台。

Nextcloud存在安全漏洞，该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题，攻击者可利用该漏洞访问任何私人聊天频道，而无需通过双因素流程。

Severity: 中

Patch Name: Nextcloud存在未明漏洞（CNVD-2022-18418）的补丁

Patch Description:

Nextcloud是德国Nextcloud公司的一套开源的自托管文件同步和共享的通信应用平台。

Nextcloud存在安全漏洞，该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题，攻击者可利用该漏洞访问任何私人聊天频道，而无需通过双因素流程。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23

Reference: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23

Impacted products

Name
['Nextcloud Nextcloud <20.0.13', 'Nextcloud Nextcloud <21.0.5', 'Nextcloud Nextcloud <22.2.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-41179",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-41179"
    }
  },
  "description": "Nextcloud\u662f\u5fb7\u56fdNextcloud\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u81ea\u6258\u7ba1\u6587\u4ef6\u540c\u6b65\u548c\u5171\u4eab\u7684\u901a\u4fe1\u5e94\u7528\u5e73\u53f0\u3002\n\nNextcloud\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u7684\u4ee3\u7801\u5f00\u53d1\u8fc7\u7a0b\u4e2d\u5b58\u5728\u8bbe\u8ba1\u6216\u5b9e\u73b0\u4e0d\u5f53\u7684\u95ee\u9898\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u4efb\u4f55\u79c1\u4eba\u804a\u5929\u9891\u9053\uff0c\u800c\u65e0\u9700\u901a\u8fc7\u53cc\u56e0\u7d20\u6d41\u7a0b\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-18418",
  "openTime": "2022-03-11",
  "patchDescription": "Nextcloud\u662f\u5fb7\u56fdNextcloud\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u81ea\u6258\u7ba1\u6587\u4ef6\u540c\u6b65\u548c\u5171\u4eab\u7684\u901a\u4fe1\u5e94\u7528\u5e73\u53f0\u3002\r\n\r\nNextcloud\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u7684\u4ee3\u7801\u5f00\u53d1\u8fc7\u7a0b\u4e2d\u5b58\u5728\u8bbe\u8ba1\u6216\u5b9e\u73b0\u4e0d\u5f53\u7684\u95ee\u9898\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u4efb\u4f55\u79c1\u4eba\u804a\u5929\u9891\u9053\uff0c\u800c\u65e0\u9700\u901a\u8fc7\u53cc\u56e0\u7d20\u6d41\u7a0b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Nextcloud\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2022-18418\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Nextcloud Nextcloud \u003c20.0.13",
      "Nextcloud Nextcloud \u003c21.0.5",
      "Nextcloud Nextcloud \u003c22.2.0"
    ]
  },
  "referenceLink": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23",
  "serverity": "\u4e2d",
  "submitTime": "2021-10-28",
  "title": "Nextcloud\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2022-18418\uff09"
}

CVE-2021-41179 (GCVE-0-2021-41179)

Vulnerability from cvelistv5

Published

2021-10-25 22:00

Modified

2024-08-04 02:59

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-304 - Missing Critical Step in Authentication

Summary

Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public. Any page marked as `@PublicPage` could thus be accessed with a valid user session that isn't authenticated. This particularly affects the Nextcloud Talk application, as this could be leveraged to gain access to any private chat channel without going through the Two-Factor flow. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading.

References

▼	URL	Tags
	https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23	x_refsource_CONFIRM
	https://github.com/nextcloud/server/pull/28725	x_refsource_MISC
	https://hackerone.com/reports/1322865	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	nextcloud	security-advisories	Version: < 20.0.13 Version: >= 21.0.0, < 21.0.5 Version: < 22.2.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:59:31.640Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/server/pull/28725"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1322865"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "security-advisories",
          "vendor": "nextcloud",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 20.0.13"
            },
            {
              "status": "affected",
              "version": "\u003e= 21.0.0, \u003c 21.0.5"
            },
            {
              "status": "affected",
              "version": "\u003c 22.2.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn\u0027t enforced for pages marked as public. Any page marked as `@PublicPage` could thus be accessed with a valid user session that isn\u0027t authenticated. This particularly affects the Nextcloud Talk application, as this could be leveraged to gain access to any private chat channel without going through the Two-Factor flow. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-304",
              "description": "CWE-304: Missing Critical Step in Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-25T22:00:13",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nextcloud/server/pull/28725"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/1322865"
        }
      ],
      "source": {
        "advisory": "GHSA-7hvh-rc6f-px23",
        "discovery": "UNKNOWN"
      },
      "title": "Two-Factor Authentication not enforced for pages marked as public",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-41179",
          "STATE": "PUBLIC",
          "TITLE": "Two-Factor Authentication not enforced for pages marked as public"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "security-advisories",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 20.0.13"
                          },
                          {
                            "version_value": "\u003e= 21.0.0, \u003c 21.0.5"
                          },
                          {
                            "version_value": "\u003c 22.2.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "nextcloud"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn\u0027t enforced for pages marked as public. Any page marked as `@PublicPage` could thus be accessed with a valid user session that isn\u0027t authenticated. This particularly affects the Nextcloud Talk application, as this could be leveraged to gain access to any private chat channel without going through the Two-Factor flow. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-304: Missing Critical Step in Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23",
              "refsource": "CONFIRM",
              "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7hvh-rc6f-px23"
            },
            {
              "name": "https://github.com/nextcloud/server/pull/28725",
              "refsource": "MISC",
              "url": "https://github.com/nextcloud/server/pull/28725"
            },
            {
              "name": "https://hackerone.com/reports/1322865",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/1322865"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-7hvh-rc6f-px23",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-41179",
    "datePublished": "2021-10-25T22:00:13",
    "dateReserved": "2021-09-15T00:00:00",
    "dateUpdated": "2024-08-04T02:59:31.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted