5 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-28997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server...
CVE-2023-28997
creationtimestamp| type| source ---|---|--- 2023-04-04 16:30:52+00:00| seen| https://t.me/cibsecurity/61395...
CVE-2023-28997 Nextcloud Desktop: Initialization vector reuse in E2EE allows malicious server admin to break, manipulate, access files
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can recover and modify the contents of end-to-end encrypted files. Users should upgrade the Nextcloud Desktop client to 3.6.5...
CVE-2023-28997
Summary (CVE-2023-28997) The Nextcloud Desktop Client is affected when running versions 3.0.0 up to before 3.6.5, where an attacker with control of a malicious server could recover and modify the contents of end-to-end encrypted files due to a vulnerability tied to IV reuse in the E2EE scheme. Th...
CVE-2023-28997
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can recover and modify the contents of end-to-end encrypted files. Users should upgrade the Nextcloud Desktop client to 3.6.5...