Unlogged Share Expiration Date Unsetting Vulnerability in Nextcloud Server

Unlogged Share Expiration Date Unsetting Vulnerability in Nextcloud Server

CVE-2021-32680 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Nextcloud Server is a Nextcloud package that handles data storage. In versions priot to 19.0.13, 20.0.11, and 21.0.3, Nextcloud Server audit logging functionality wasn't properly logging events for the unsetting of a share expiration date. This event is supposed to be logged. This issue is patched in versions 19.0.13, 20.0.11, and 21.0.3.

Learn more about our Cis Benchmark Audit For Server Software.