CVE-2021-32680

LOW Year: 2021
CVSS v3 Score
3.3
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-778
View all →

Vulnerability Description

Nextcloud Server is a Nextcloud package that handles data storage. In versions priot to 19.0.13, 20.0.11, and 21.0.3, Nextcloud Server audit logging functionality wasn't properly logging events for the unsetting of a share expiration date. This event is supposed to be logged. This issue is patched in versions 19.0.13, 20.0.11, and 21.0.3.

Related Vulnerabilities

CVE-2021-33689

LOW
CVSS:3.5(Low)

When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, securit...

CWE-7782021

CVE-2022-31120

LOW
CVSS:2.7(Low)

Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been incompletely populated. In affected versions federated share events ...

CWE-7782022

CVE-2019-19295

MEDIUM
CVSS:4.3(Medium)

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) does not enforce logging of security-relevant activities in its XML-based co...

CWE-7782019

CVE-2022-25783

MEDIUM
CVSS:4.3(Medium)

Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7.

CWE-7782022

CVE-2024-2291

MEDIUM
CVSS:4.3(Medium)

In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticate...

CWE-7782024

CVE-2024-24901

LOW
CVSS:2.3(Low)

Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messa...

CWE-7782024