Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.
References
Link | Resource |
---|---|
https://hackerone.com/reports/248656 | Issue Tracking Third Party Advisory |
https://nextcloud.com/security/advisory/?id=NC-SA-2018-007 | Broken Link Vendor Advisory |
Configurations
History
27 Feb 2023, 16:45
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://nextcloud.com/security/advisory/?id=NC-SA-2018-007 - Broken Link, Vendor Advisory |
Information
Published : 2018-08-12 22:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-3775
Mitre link : CVE-2018-3775
CVE.ORG link : CVE-2018-3775
JSON object : View
Products Affected
nextcloud
- nextcloud_server
CWE
CWE-287
Improper Authentication