CVE-2021-32676

Nextcloud Talk is a fully on-premises audio/video and chat communication service. Password protected shared chats in Talk before version 9.0.10, 10.0.8 and 11.2.2 did not rotate the session cookie after a successful authentication event. It is recommended that the Nextcloud Talk App is upgraded to 9.0.10, 10.0.8 or 11.2.2. No workarounds for this vulnerability are known to exist.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nextcloud:talk:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:talk:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:talk:*:*:*:*:*:*:*:*

Information

Published : 2021-06-15 17:15

Updated : 2021-06-23 13:05


NVD link : CVE-2021-32676

Mitre link : CVE-2021-32676


JSON object : View

CWE
CWE-384

Session Fixation

Advertisement

dedicated server usa

Products Affected

nextcloud

  • talk