
Application specific tokens can change their own scope

High
LukasReschke published GHSA-48m7-7r2r-838r Jul 12, 2021

Package

Nextcloud Server

Affected versions

< 19.0.13, < 20.0.11, < 21.0.3

Patched versions

19.0.13, 20.0.11, 21.0.3

Description

Impact

Nextcloud Server supports application specific tokens for authentication purposes. These tokens are meant to be issued to a specific application (e.g. a DAV sync client), and the user can additionally configure a token so that it has no filesystem access.

Due to a missing permission check, a token was able to change its own permissions. A token that was limited to no filesystem access could therefore grant itself access to the filesystem.
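The check that is missing here is easy to get wrong: verifying that the token belongs to the calling user is not enough, because the caller may itself be authenticated with that token. The following Python is an added illustration, not Nextcloud's code, and the class and function names (TokenStore, Session, update_scope_vulnerable, update_scope_fixed) are assumptions chosen to model the decision; the page does not describe the actual patch. It places a scope update that only checks ownership beside one that also refuses any session authenticated with an app-specific token, and runs the self-escalation attempt against both.

```python
"""Model of the scope-update check an app-specific token must not pass.

Added illustration, not Nextcloud's code: the store, session and function
names are assumptions chosen to show the logic, not Nextcloud's API.
"""
from dataclasses import dataclass
from typing import Dict, Optional


class PermissionDenied(Exception):
    """Raised when a caller is not allowed to change a token's scope."""


@dataclass
class AppToken:
    id: int
    uid: str                 # owner of the token
    name: str                # e.g. "DAV sync client"
    filesystem_access: bool  # scope the user chose when creating the token


@dataclass
class Session:
    uid: str
    # Id of the app-specific token this session was authenticated with, or
    # None when the user logged in with their primary credentials.
    app_token_id: Optional[int] = None


class TokenStore:
    """Minimal in-memory stand-in for the token table (assumption)."""

    def __init__(self) -> None:
        self._tokens: Dict[int, AppToken] = {}
        self._next_id = 1

    def create(self, uid: str, name: str, filesystem_access: bool) -> AppToken:
        token = AppToken(self._next_id, uid, name, filesystem_access)
        self._tokens[token.id] = token
        self._next_id += 1
        return token

    def get(self, token_id: int) -> Optional[AppToken]:
        return self._tokens.get(token_id)


def _owned_token(store: TokenStore, session: Session, token_id: int) -> AppToken:
    """Ownership check both variants share: a user may only touch own tokens."""
    token = store.get(token_id)
    if token is None or token.uid != session.uid:
        raise PermissionDenied("token not found for this user")
    return token


def update_scope_vulnerable(store: TokenStore, session: Session,
                            token_id: int, filesystem_access: bool) -> AppToken:
    """Before the fix: only ownership is checked, so a session that was itself
    authenticated by a filesystem-limited app token can set
    filesystem_access=True on that very token."""
    token = _owned_token(store, session, token_id)
    token.filesystem_access = filesystem_access
    return token


def update_scope_fixed(store: TokenStore, session: Session,
                       token_id: int, filesystem_access: bool) -> AppToken:
    """After the fix: scope changes are only accepted from a session holding
    the user's primary credentials. Any app-token session is refused, whether
    it targets its own token or another one of the user's tokens."""
    if session.app_token_id is not None:
        raise PermissionDenied("app-specific tokens may not change token scopes")
    token = _owned_token(store, session, token_id)
    token.filesystem_access = filesystem_access
    return token


def escalation_succeeds(update) -> bool:
    """Run the self-escalation attempt against one variant and report whether
    the filesystem-limited token ended up with filesystem access."""
    store = TokenStore()
    token = store.create("alice", "dav-sync", filesystem_access=False)
    # Constructed scenario: a session authenticated with that token, e.g. a
    # client calling the settings endpoint with the token as its password.
    session = Session(uid="alice", app_token_id=token.id)
    try:
        update(store, session, token.id, True)
    except PermissionDenied:
        pass
    return store.get(token.id).filesystem_access


if __name__ == "__main__":
    print("vulnerable:", escalation_succeeds(update_scope_vulnerable))  # True
    print("fixed:     ", escalation_succeeds(update_scope_fixed))       # False
```

The fixed variant keys the decision on how the caller authenticated, not on whom the token belongs to; refusing every app-token session is the conservative rule, since an app-specific token that can reconfigure any of the user's tokens can still escalate indirectly. A primary-credential session keeps the ability to change scopes, which is what the settings UI needs.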

Patches

It is recommended that Nextcloud Server be upgraded to 19.0.13, 20.0.11 or 21.0.3.

Workarounds

None.

References

For more information

If you have any questions or comments about this advisory:

Severity

High

CVE ID

CVE-2021-32688

Weaknesses

Credits