CVE-2022-41969

🗓️ 01 Dec 2022 21:19:15Reported by [email protected]Type

Nextcloud Server allows unlimited password length for user creation, leading to a possible DoS attac

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
CVE	CVE-2022-41969	1 Dec 202221:15	–	cve
Prion	Code injection	1 Dec 202221:15	–	prion
OSV	CVE-2022-41969	1 Dec 202221:15	–	osv
Cvelist	CVE-2022-41969 Nextcloud Server has no password length limit when creating a user as an administrator	1 Dec 202220:47	–	cvelist
Hacker One	Nextcloud: No password length limit when creating a user as an administrator	8 Oct 202218:13	–	hackerone
OpenVAS	Nextcloud Server < 23.0.11, 24.x < 24.0.7 DoS Vulnerability (GHSA-4gm7-j7wg-m4fx)	6 Dec 202200:00	–	openvas
Nextcloud	No password length limit when creating a user as an administrator	1 Dec 202209:32	–	nextcloud

Nvd

Node

nextcloud nextcloud_serverRange23.0.0–23.0.11

nextcloud nextcloud_serverRange23.0.0–23.0.11enterprise

nextcloud nextcloud_serverRange24.0.0–24.0.7

nextcloud nextcloud_serverRange24.0.0–24.0.7enterprise

Source	Link
github	www.github.com/nextcloud/server/pull/34500
github	www.github.com/nextcloud/security-advisories/security/advisories/GHSA-4gm7-j7wg-m4fx
hackerone	www.hackerone.com/reports/1727424

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Dec 2022 21:15Current

CVSS32.7

EPSS0.0003