Nextcloud.User-Agent.Handling.Log.Evasion
Description
This indicates an attack attempt against a Log Evasion vulnerability in Nextcloud.
The vulnerability is due to inadequate filtering of special character which leads to the log file not logging an action. A remote attacker may be able to exploit this to avoid having their actions recorded in the log file.
Affected Products
Nextcloud Server < 12.0.3
Nextcloud Server < 11.0.5
Impact
Security Bypass: Remote attackers can avoid having their actions being logged.
Recommended Actions
Upgrade to Nextcloud Server 12.0.3 or 11.0.5.
https://nextcloud.com/install/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |