Lucene search
GoogleOSV:CVE-2021-32726HistoryJul 12, 2021 - 8:15 p.m.
CVE-2021-32726
2021-07-1220:15:10
Google
osv.dev
4
nextcloud server
data storage
webauthn tokens
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, webauthn tokens were not deleted after a user has been deleted. If a victim reused an earlier used username, the previous user could gain access to their account. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds.
Related
cve
cve
CVE-2021-32726
2021-07-12 20:15:10
nextcloud
nextcloud
Webauthn tokens not removed after user has been deleted
2021-07-12 09:22:25
prion
prion
Code injection
2021-07-12 20:15:00
cvelist
cvelist
CVE-2021-32726 Webauthn tokens not removed after user has been deleted
2021-07-12 19:45:13
hackerone
hackerone
Nextcloud: Webauthn tokens are not removed on user deletion
2021-05-19 12:07:33
nvd
nvd
CVE-2021-32726
2021-07-12 20:15:10
archlinux
archlinux
[ASA-202107-22] nextcloud: multiple issues
2021-07-14 00:00:00
openvas
openvas
Nextcloud Server Multiple Vulnerabilities (Jul 2021)
2021-07-16 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2021:1068-1)
2021-07-21 00:00:00
nessus
nessus
openSUSE 15 Security Update : nextcloud (openSUSE-SU-2021:1068-1)
2021-07-21 00:00:00
GLSA-202208-17 : Nextcloud: Multiple Vulnerabilities
2022-08-16 00:00:00
suse
suse
Security update for nextcloud (important)
2021-07-21 00:00:00
gentoo
gentoo
Nextcloud: Multiple Vulnerabilities
2022-08-10 00:00:00