Lucene search
HackeroneCVELIST:CVE-2021-22915HistoryJun 11, 2021 - 3:49 p.m.
CVE-2021-22915
2021-06-1115:49:38
CWE-307
hackerone
raw.githubusercontent.com
4
Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection.
Related
nextcloud
nextcloud
Ratelimiting can be bypassed using IPv6 subnets
2021-06-01 18:02:20
cve
cve
CVE-2021-22915
2021-06-11 16:15:00
fedora
fedora
[SECURITY] Fedora 33 Update: nextcloud-19.0.12-1.fc33
2021-07-09 00:46:25
[SECURITY] Fedora 34 Update: nextcloud-20.0.10-1.fc34
2021-07-09 01:03:33
openvas
openvas
Nextcloud Server Brute-Force Protection Vulnerability (NC-SA-2021-009)
2021-06-15 00:00:00
Fedora: Security Advisory for nextcloud (FEDORA-2021-afa7968aeb)
2021-07-11 00:00:00
Fedora: Security Advisory for nextcloud (FEDORA-2021-eac0e52f88)
2021-07-11 00:00:00
osv
osv
CVE-2021-22915
2021-06-11 16:15:11
hackerone
hackerone
Nextcloud: Ratelimiting can be bypassed using IPv6 subnets
2021-04-07 01:26:34
prion
prion
Design/Logic Flaw
2021-06-11 16:15:00