CVE-2021-32726

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, webauthn tokens were not deleted after a user has been deleted. If a victim reused an earlier used username, the previous user could gain access to their account. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
GitHub_MCNA
7.1 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
VendorProductVersion
nextcloudnextcloud_server
𝑥
< 19.0.13
nextcloudnextcloud_server
20.0.0 ≤
𝑥
< 20.0.11
nextcloudnextcloud_server
21.0.0 ≤
𝑥
< 21.0.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6qr9-c846-j8mg
https://github.com/nextcloud/server/pull/27532
https://hackerone.com/reports/1202590
https://security.gentoo.org/glsa/202208-17
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6qr9-c846-j8mg
https://github.com/nextcloud/server/pull/27532
https://hackerone.com/reports/1202590
https://security.gentoo.org/glsa/202208-17