NextcloudGHSA-VXCM-G5V4-637FNextcloud Server shipped insecure Archive_Tar version
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
76.7%
Description
Impact
The PHP library Archive_Tar in version 1.4.12 as used by the Nextcloud was vulnerable to a bug allowing to point symlinks outside of the extracted archive.
Whilst the vulnerable function is not used by default in a vulnerable context in Nextcloud, there are third-party apps from the Nextcloud appstore which rely on this library.
More details about the vulnerability details can be found on cve.mitre.org and the vulnerability in the library is tracked as CVE-2021-32610.
Patches
It is recommended that the Nextcloud Server is upgraded to 20.0.13, 21.0.5 or 22.2.0.
Workarounds
Do not use any application from the appstore relying on Archive_Tar.
References
For more information
If you have any questions or comments about this advisory:
- Create a post in nextcloud/security-advisories
- Customers: Open a support ticket at support.nextcloud.com
Related
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
76.7%