Lucene search

K

GoogleOSV:CVE-2020-8296

HistoryMar 03, 2021 - 6:15 p.m.

CVE-2020-8296

2021-03-0318:15:13

Google

osv.dev

10

nextcloud

server

passwords

recoverable

external storage

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

40.5%

Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.

References

github.com/nextcloud/server/issues/17439

github.com/nextcloud/server/pull/21037

hackerone.com/reports/867164

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/

nextcloud.com/security/advisory/?id=NC-SA-2021-006

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

40.5%

Related for OSV:CVE-2020-8296

cvelist1 hackerone1 prion1 redhatcve1 nvd1 nextcloud1 cve1 openvas2 fedora1