Lucene search
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2022-0098-1.NASLHistoryApr 01, 2022 - 12:00 a.m.
openSUSE 15 Security Update : nextcloud (openSUSE-SU-2022:0098-1)
2022-04-0100:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0098-1 advisory.
-
Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings where disabled. It is recommended that the Nextcloud Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. There are no known workarounds.
(CVE-2021-41239) -
Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting advanced permissions on subfolders, for example, a user could be granted access to the groupfolder but not specific subfolders. Due to a lacking permission check in affected versions, a user could still access these subfolders by copying the groupfolder to another location. It is recommended that the Nextcloud Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. Users unable to upgrade should disable the groupfolders application in the admin settings. (CVE-2021-41241)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# openSUSE Security Update openSUSE-SU-2022:0098-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(159458);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/01");
script_cve_id("CVE-2021-41239", "CVE-2021-41241", "CVE-2021-41741");
script_name(english:"openSUSE 15 Security Update : nextcloud (openSUSE-SU-2022:0098-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in
the openSUSE-SU-2022:0098-1 advisory.
- Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions
the User Status API did not consider the user enumeration settings by the administrator. This allowed a
user to enumerate other users on the instance, even when user listings where disabled. It is recommended
that the Nextcloud Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. There are no known workarounds.
(CVE-2021-41239)
- Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders
application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting
advanced permissions on subfolders, for example, a user could be granted access to the groupfolder but
not specific subfolders. Due to a lacking permission check in affected versions, a user could still access
these subfolders by copying the groupfolder to another location. It is recommended that the Nextcloud
Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. Users unable to upgrade should disable the groupfolders
application in the admin settings. (CVE-2021-41241)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1196905");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1196908");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1196952");
# https://lists.opensuse.org/archives/list/[email protected]/thread/EZTHEQMMIKP2RX3EBMXDQAOIVUPMCDFB/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ab8d4f48");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-41239");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-41241");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-41741");
script_set_attribute(attribute:"solution", value:
"Update the affected nextcloud and / or nextcloud-apache packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-41239");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/08");
script_set_attribute(attribute:"patch_publication_date", value:"2022/03/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/04/01");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nextcloud");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nextcloud-apache");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.3");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/SuSE/release');
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, 'openSUSE');
var os_ver = pregmatch(pattern: "^SUSE([\d.]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');
os_ver = os_ver[1];
if (release !~ "^(SUSE15\.3)$") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);
var pkgs = [
{'reference':'nextcloud-21.0.9-bp153.2.12.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
{'reference':'nextcloud-apache-21.0.9-bp153.2.12.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach package_array ( pkgs ) {
var reference = NULL;
var release = NULL;
var cpu = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = package_array['release'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && release) {
if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nextcloud / nextcloud-apache');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41239
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41241
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41741
www.nessus.org/u?ab8d4f48
bugzilla.suse.com/1196905
bugzilla.suse.com/1196908
bugzilla.suse.com/1196952
www.suse.com/security/cve/CVE-2021-41239
www.suse.com/security/cve/CVE-2021-41241
www.suse.com/security/cve/CVE-2021-41741
Related
suse
suse
Security update for nextcloud (moderate)
2022-03-23 00:00:00
Security update for nextcloud (moderate)
2022-03-31 00:00:00
openvas
openvas
prion
prion
Design/Logic Flaw
2022-03-08 19:15:00
Code injection
2022-03-08 18:15:00
cvelist
cvelist
osv
osv
CVE-2021-41241
2022-03-08 19:15:07
CVE-2021-41239
2022-03-08 18:15:07
cnvd
cnvd
Nextcloud server information disclosure vulnerability (CNVD-2022-20691)
2022-03-10 00:00:00
Nextcloud server authorization issue vulnerability (CNVD-2022-20692)
2022-03-10 00:00:00
cve
cve
nextcloud
nextcloud
User enumeration setting not obeyed in User Status API
2022-03-08 16:12:47
Groupfolders advanced permissions is not obeyed for subfolders
2022-03-08 16:13:01
nessus
nessus
GLSA-202208-17 : Nextcloud: Multiple Vulnerabilities
2022-08-16 00:00:00
gentoo
gentoo
Nextcloud: Multiple Vulnerabilities
2022-08-10 00:00:00
Related for OPENSUSE-2022-0098-1.NASL