5 matches found
CVE-2021-32705
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public DAV endpoint. This may have allowed an attacker to enumerate potentially valid share tokens or credentials. The issue was fixed in...
Command injection
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public DAV endpoint. This may have allowed an attacker to enumerate potentially valid share tokens or credentials. The issue was fixed in...
CVE-2021-32705
CVE-2021-32705 affects Nextcloud Server: prior to versions 19.0.13, 20.0.11, and 21.0.3 there was no ratelimit on the public DAV endpoint, which could allow an attacker to enumerate potentially valid share tokens or credentials. The issue is fixed in 19.0.13, 20.0.11, and 21.0.3. Impact described...
CVE-2021-32705 Lack of ratelimit on public DAV endpoint
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public DAV endpoint. This may have allowed an attacker to enumerate potentially valid share tokens or credentials. The issue was fixed in...
Lack of ratelimit on public DAV endpoint
None...