CVE-2021-22905
CVE-2021-22905
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
11 Jun 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using the local Nextcloud server unless a global search has been explicitly chosen by the user.
Affected products
n/a · Nextcloud Android App (com.nextcloud.client)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →