3 matches found
CVE-2023-45149 Password of talk conversations can be bruteforced in Nextcloud
Nextcloud talk is a chat module for the Nextcloud server platform. In affected versions brute force protection of public talk conversation passwords can be bypassed, as there was an endpoint validating the conversation password without registering bruteforce attempts. It is recommended that the...
CVE-2023-45149 Password of talk conversations can be bruteforced in Nextcloud
Nextcloud talk is a chat module for the Nextcloud server platform. In affected versions brute force protection of public talk conversation passwords can be bypassed, as there was an endpoint validating the conversation password without registering bruteforce attempts. It is recommended that the...
CVE-2023-45149
CVE-2023-45149 affects Nextcloud Talk. Root cause: brute-force protection for public talk conversation passwords can be bypassed because the authentication endpoint validates the password without applying bruteforce protection. Affected: Nextcloud Talk versions prior to 15.0.8, 16.0.6, or 17.1.1....