4 matches found
CVE-2022-35932
Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected conversations are susceptible to brute force attacks if the attacker has the link/conversation token. It is recommended that the Nextcloud Talk application is...
CVE-2022-35932 Missing rate limit when trying to join a password protected Nextcloud Talk conversation
Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected conversations are susceptible to brute force attacks if the attacker has the link/conversation token. It is recommended that the Nextcloud Talk application is...
CVE-2022-35932 Missing rate limit when trying to join a password protected Nextcloud Talk conversation
Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected conversations are susceptible to brute force attacks if the attacker has the link/conversation token. It is recommended that the Nextcloud Talk application is...
CVE-2022-35932
CVE-2022-35932 describes a missing rate limit in Nextcloud Talk for password-protected conversations. Before versions 12.2.7, 13.0.7, and 14.0.3, an attacker with the conversation link/token can brute-force the password due to lack of rate limiting. Public sources (NVD/Red Hat/GSAs) confirm the i...