CVE-2020-8183

🗓️ 02 Nov 2020 21:34:15Reported by [email protected]Type

Logic error in Nextcloud Server 19.0.0 causes plaintext storage of share password on initial create API cal

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
Cvelist	CVE-2020-8183	30 Oct 202018:13	–	cvelist
Hacker One	Nextcloud: The password of a mail share is not hashed if the password is given when the share is created	28 May 202019:30	–	hackerone
OSV	CVE-2020-8183	2 Nov 202021:15	–	osv
CVE	CVE-2020-8183	2 Nov 202021:15	–	cve
Tenable Nessus	FreeBSD : Nextcloud -- Password share by mail not hashed (eeec4e6f-fa71-11ea-9bb7-d4c9ef517024)	21 Sep 202000:00	–	nessus
Tenable Nessus	Fedora 33 : nextcloud (2020-050aaa14f7)	26 Oct 202000:00	–	nessus
Tenable Nessus	openSUSE Security Update : nextcloud (openSUSE-2020-1652)	12 Oct 202000:00	–	nessus
Tenable Nessus	Fedora 32 : nextcloud (2020-c9863904de)	20 Oct 202000:00	–	nessus
FreeBSD	Nextcloud -- Password share by mail not hashed	4 Jun 202000:00	–	freebsd
Prion	Design/Logic Flaw	2 Nov 202021:15	–	prion

Nvd

Node

nextcloud nextcloud_serverRange<18.0.6

nextcloud nextcloud_serverRange19.0.0–19.0.1

Source	Link
nextcloud	www.nextcloud.com/security/advisory/
hackerone	www.hackerone.com/reports/885041

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Nov 2020 21:15Current

7.5High risk

Vulners AI Score7.5

CVSS25

CVSS37.5

EPSS0.00952