CVE-2021-33828

The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
owncloudfiles_antivirus
𝑥
< 1.0.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
owncloud
xenial
ignored
trusty
ignored
Common Weakness Enumeration
References
https://doc.owncloud.com/server/admin_manual/release_notes.html
https://owncloud.com/security-advisories/cve-2021-33828/
https://doc.owncloud.com/server/admin_manual/release_notes.html
https://owncloud.com/security-advisories/cve-2021-33828/