Unrated severityNVD Advisory· Published Jun 11, 2021· Updated Aug 3, 2024
CVE-2021-22915
CVE-2021-22915
Description
Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGXGR6HYGQ6MZXISMJEHCOXRGRFRUFMA/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/mitrevendor-advisoryx_refsource_FEDORA
- hackerone.com/reports/1154003mitrex_refsource_MISC
- nextcloud.com/security/advisory/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.