CVE-2021-22895 — Vulnetix

CVE-2021-22895 PUBLISHED

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

EPSS 0.36% · 58.8th percentile

Risk Scores

EPSS Score

0.36%

58.8th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:20.04:LTS	nextcloud-desktop	2.6.0-1, 2.6.1-2, 2.6.2-1
Ubuntu:24.04:LTS	nextcloud-desktop	0, 3.9.0-1, 3.11.0-1.1build4
Ubuntu:25.10	nextcloud-desktop	3.16.0-1, 3.16.2-1, 3.16.4-1
Ubuntu:22.04:LTS	nextcloud-desktop	3.2.3-0ubuntu1, 3.3.5-1, 3.3.5-1ubuntu1

Exploit Intelligence

https://github.com/nextcloud/desktop/pull/2926 (circl)
https://github.com/nextcloud/desktop/releases/tag/v3.1.3 (circl)
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qpgp-vf4p-wcw5 (circl)
DSA-4974 (circl)
SSL certificate not validated when registering with a provider (hackerone)
SSL certificate not validated when registering with a provider (hackerone)
SSL certificate not validated when registering with a provider (hackerone)
https://hackerone.com/reports/903424 (canonical)

Timeline

CVE Published
Jun 2, 2021 PoC Published
Jun 12, 2021 EPSS Score
Aug 13, 2021 EPSS Score
Oct 12, 2021 EPSS Score
Dec 12, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 11, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 13, 2022 EPSS Score
Jun 12, 2022 EPSS Score
Aug 13, 2022 EPSS Score

References

https://ubuntu.com/security/CVE-2021-22895 third-party-advisory
https://github.com/nextcloud/desktop/pull/2926 third-party-advisory
https://github.com/nextcloud/desktop/commit/b1ddd0e491b2af0ed040e658d8bcde2a7a61c9fc third-party-advisory
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qpgp-vf4p-wcw5 third-party-advisory
https://github.com/nextcloud/desktop/releases/tag/v3.1.3 third-party-advisory
https://hackerone.com/reports/903424 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2021-22895 third-party-advisory

Open in Interactive Console →