CVE-2021-41179 is a vulnerability in Nextcloud Server
Published on October 25, 2021
Two-Factor Authentication not enforced for pages marked as public
Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public. Any page marked as `@PublicPage` could thus be accessed with a valid user session that isn't authenticated. This particularly affects the Nextcloud Talk application, as this could be leveraged to gain access to any private chat channel without going through the Two-Factor flow. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading.
Vulnerability Analysis
CVE-2021-41179 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
Missing Critical Step in Authentication
The software implements an authentication technique, but it skips a step that weakens the technique. Authentication techniques should follow the algorithms that define them exactly, otherwise authentication can be bypassed or more easily subjected to brute force attacks.
Products Associated with CVE-2021-41179
Want to know whenever a new CVE is published for Nextcloud Server? stack.watch will email you.
Affected Versions
nextcloud security-advisories:- Version < 20.0.13 is affected.
- Version >= 21.0.0, < 21.0.5 is affected.
- Version < 22.2.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.