CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-37629 – Lack of ratelimit on Richdocuments OCS endpoint in nextcloud
https://notcve.org/view.php?id=CVE-2021-37629
Nextcloud Richdocuments is an open source collaborative office suite. In affected versions there is a lack of rate limiting on the Richdocuments OCS endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. It is recommended that the Nextcloud Richdocuments app is upgraded to either 3.8.4 or 4.2.1 to resolve. For users unable to upgrade it is recommended that the Richdocuments application be disabled. • https://github.com/nextcloud/richdocuments/pull/1663 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-gvvr-h36p-8mjx https://hackerone.com/reports/1258750 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-37628 – File Drop can be bypassed using Richdocuments app in nextcloud
https://notcve.org/view.php?id=CVE-2021-37628
Nextcloud Richdocuments is an open source collaborative office suite. In affected versions the File Drop features ("Upload Only" public link shares in Nextcloud) can be bypassed using the Nextcloud Richdocuments app. An attacker was able to read arbitrary files in such a share. It is recommended that the Nextcloud Richdocuments is upgraded to 3.8.4 or 4.2.1. If upgrading is not possible then it is recommended to disable the Richdocuments application. • https://github.com/nextcloud/richdocuments/pull/1664 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-pxhh-954f-8w7w https://hackerone.com/reports/1253403 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-32748 – WOPI API not protected by credentials/IP check
https://notcve.org/view.php?id=CVE-2021-32748
Nextcloud Richdocuments in an open source self hosted online office. Nextcloud uses the WOPI ("Web Application Open Platform Interface") protocol to communicate with the Collabora Editor, the communication between these two services was not protected by a credentials or IP check. Whilst this does not result in gaining access to data that the user has not yet access to, it can result in a bypass of any enforced watermark on documents as described on the [Nextcloud Virtual Data Room](https://nextcloud.com/virtual-data-room/) website and [our documentation](https://portal.nextcloud.com/article/nextcloud-and-virtual-data-room-configuration-59.html). The Nextcloud Richdocuments releases 3.8.3 and 4.2.0 add an additional admin settings for an allowlist of IP addresses that can access the WOPI API. We recommend upgrading and configuring the allowlist to a list of Collabora servers. • https://github.com/nextcloud/richdocuments/pull/1640 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24x8-h6m2-9jf2 https://hackerone.com/reports/1194606 • CWE-862: Missing Authorization •