CVE-2020-8150

🗓️ 09 Nov 2020 15:13:15Reported by [email protected]Type

Cryptographic issue in Nextcloud Server 19.0.1 allowing downgrade of encryption scheme and breaking file integrity

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Hacker One	Nextcloud: Downgrade encryption scheme and break integrity through known-plaintext attack	20 Nov 201919:40	–	hackerone
Prion	Design/Logic Flaw	9 Nov 202015:15	–	prion
OSV	CVE-2020-8150	9 Nov 202015:15	–	osv
Nextcloud	Downgrade encryption scheme and break integrity through known-plaintext attack (NC-SA-2020-039)	26 Aug 202000:00	–	nextcloud
Cvelist	CVE-2020-8150	9 Nov 202014:19	–	cvelist
CVE	CVE-2020-8150	9 Nov 202015:15	–	cve
OpenVAS	Nextcloud Server 19.0.1 Encryption Vulnerability (NC-SA-2020-039)	1 Dec 202000:00	–	openvas
GithubExploit	Exploit for Improper Certificate Validation in Backblaze	9 Sep 202014:39	–	githubexploit

Nvd

Node

nextcloud nextcloud_serverRange<19.0.2

Source	Link
seclists	www.seclists.org/fulldisclosure/2020/Dec/58
nextcloud	www.nextcloud.com/security/advisory/
hackerone	www.hackerone.com/reports/742588
seclists	www.seclists.org/fulldisclosure/2020/Dec/55
seclists	www.seclists.org/fulldisclosure/2020/Dec/57

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Nov 2020 15:15Current

4.3Medium risk

Vulners AI Score4.3

CVSS21.9

CVSS34.1

EPSS0.00036