Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-32689
HistoryJul 12, 2021 - 7:15 p.m.

CVE-2021-32689

2021-07-1219:15:10
Google
osv.dev
5
nextcloud talk
on-premises
vulnerability
patched
versions
usernames
chat message
workaround

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

38.9%

JSON

Nextcloud Talk is a fully on-premises audio/video and chat communication service. In versions prior to 11.2.2, if a user was able to reuse an earlier used username, they could get access to any chat message sent to the previous user with this username. The issue was patched in versions 11.2.2 and 11.3.0. As a workaround, don’t allow users to choose usernames themselves. This is the default behaviour of Nextcloud, but some user providers may allow doing so.

Related

nextcloud 1
cve 1
nvd 1
prion 1
cvelist 1
nextcloud
nextcloud
Nextcloud Talk not properly disassociating users from chats after account deletion
2021-07-12 09:17:43
cve
cve
CVE-2021-32689
2021-07-12 19:15:10
nvd
nvd
CVE-2021-32689
2021-07-12 19:15:10
prion
prion
Default credentials
2021-07-12 19:15:00
cvelist
cvelist
CVE-2021-32689 Nextcloud Talk not properly disassociating users from chats after account deletion
2021-07-12 18:45:15

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

38.9%

JSON
Related for OSV:CVE-2021-32689
nextcloud1cve1nvd1prion1cvelist1