CVE-2021-32766
Nextcloud Text app can disclose existence of folders in "File Drop" link share
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link share has been created with "Upload Only" privileges. (aka "File Drop"). A link share recipient is not expected to see which folders or files exist in a "File Drop" share. Using this vulnerability an attacker is able to enumerate folders in such a share. Exploitation requires that the attacker has access to a valid affected "File Drop" link share. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.0.1. Users who are unable to upgrade are advised to disable the Nextcloud Text application in the app settings.
Nextcloud Text es una aplicación de edición de texto plano de código abierto que se suministra con el servidor nextcloud. En las versiones afectadas la aplicación Nextcloud Text devolvía diferentes mensajes de error dependiendo de si una carpeta existía en un enlace público compartido. Esto es problemático en el caso de que el recurso compartido de enlace público haya sido creado con privilegios "Upload Only". (también se conoce como "File Drop"). No se espera que un destinatario de un enlace compartido vea qué carpetas o archivos existen en un recurso compartido "File Drop". Usando esta vulnerabilidad un atacante es capaz de enumerar las carpetas en dicho recurso compartido. La explotación requiere que el atacante tenga acceso a un recurso compartido de enlace "File Drop" válido y afectado. Se recomienda actualizar el servidor Nextcloud a la versión 20.0.12, 21.0.4 o 22.0.1. Los usuarios que no puedan actualizar se les aconseja deshabilitar la aplicación Nextcloud Text en la configuración de la aplicación
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-05-12 CVE Reserved
- 2021-09-07 CVE Published
- 2024-05-23 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-209: Generation of Error Message Containing Sensitive Information
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-gcf3-3wmc-88jr | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://github.com/nextcloud/text/pull/1716 | 2022-09-27 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Nextcloud Search vendor "Nextcloud" | Nextcloud Server Search vendor "Nextcloud" for product "Nextcloud Server" | < 20.0.12 Search vendor "Nextcloud" for product "Nextcloud Server" and version " < 20.0.12" | - |
Affected
| ||||||
Nextcloud Search vendor "Nextcloud" | Nextcloud Server Search vendor "Nextcloud" for product "Nextcloud Server" | >= 21.0.0 < 21.0.4 Search vendor "Nextcloud" for product "Nextcloud Server" and version " >= 21.0.0 < 21.0.4" | - |
Affected
| ||||||
Nextcloud Search vendor "Nextcloud" | Nextcloud Server Search vendor "Nextcloud" for product "Nextcloud Server" | >= 22.0.0 < 22.1.0 Search vendor "Nextcloud" for product "Nextcloud Server" and version " >= 22.0.0 < 22.1.0" | - |
Affected
|