A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2020/Dec/55 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2020/Dec/57 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2020/Dec/58 | Mailing List Third Party Advisory |
https://hackerone.com/reports/742588 | Exploit Third Party Advisory |
https://nextcloud.com/security/advisory/?id=NC-SA-2020-039 | Vendor Advisory |
Configurations
History
24 May 2022, 17:13
Type | Values Removed | Values Added |
---|---|---|
References | (FULLDISC) http://seclists.org/fulldisclosure/2020/Dec/58 - Mailing List, Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2020/Dec/57 - Mailing List, Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2020/Dec/55 - Mailing List, Third Party Advisory |
29 Dec 2020, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-11-09 15:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-8150
Mitre link : CVE-2020-8150
CVE.ORG link : CVE-2020-8150
JSON object : View
Products Affected
nextcloud
- nextcloud_server