Lucene search
+L

7 matches found

susecve
susecve
added 2023/02/15 3:37 a.m.4 views

SUSE CVE-2021-41239

Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings where disabled. It...

4.3CVSS5.3AI score0.01115EPSS
Exploits0References5
opensuse
opensuse
added 2022/03/31 12:0 a.m.41 views

Security update for nextcloud (moderate)

openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2022:0098-1 Rating: moderate References: 1196905 1196908 1196952 Cross-References: CVE-2021-41239 CVE-2021-41241 CVE-2021-41741 CVSS scores: CVE-2021-41239 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N...

6.3CVSS6.1AI score0.01115EPSS
Exploits0References3
osv
osv
added 2022/03/23 5:1 p.m.5 views

OPENSUSE-SU-2022:0089-1 Security update for nextcloud

This update for nextcloud fixes the following issues: nextcloud was updated to 21.0.9: - CVE-2021-41239 CWE-200: user enumeration setting not obeyed in User Status API boo1196905 - CVE-2021-41241 CWE-863: groupfolders advanced permissions is not obeyed for subfolders boo1196908 - CVE-2021-41741...

5.3CVSS5.2AI score0.01115EPSS
Exploits0References7
opensuse
opensuse
added 2022/03/23 12:0 a.m.60 views

Security update for nextcloud (moderate)

openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2022:0089-1 Rating: moderate References: 1196905 1196908 1196952 Cross-References: CVE-2021-41239 CVE-2021-41241 CVE-2021-41741 CVSS scores: CVE-2021-41239 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N...

6.3CVSS6.1AI score0.01115EPSS
Exploits0References3
openvas
openvas
added 2022/03/09 12:0 a.m.28 views

Nextcloud Server < 20.0.14, 21.x < 21.0.6, 22.x < 22.2.1 Multiple Vulnerabilities

Nextcloud Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver"...

6.5CVSS5.3AI score0.01115EPSS
Exploits0References3
cve
cve
added 2022/03/08 6:5 p.m.116 views

CVE-2021-41239

CVE-2021-41239 affects Nextcloud Server. The issue arises when the User Status API does not respect the administrator’s user enumeration settings, allowing a user to enumerate other users on the instance even if listings are disabled. The vulnerability is described in multiple connected sources a...

5.3CVSS5.3AI score0.01115EPSS
Exploits0References4Affected Software1
vulnrichment
vulnrichment
added 2022/03/08 6:5 p.m.5 views

CVE-2021-41239 User enumeration setting not respected in Nextcloud server

Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings where disabled. It...

5.3CVSS5.1AI score0.01115EPSS
Exploits0References4
Rows per page
Query Builder