Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.144942 |
Category: | Web application abuses |
Title: | Nextcloud Server 19.0.1 Encryption Vulnerability (NC-SA-2020-039) |
Summary: | Nextcloud Server is prone to a vulnerability where it is possible to; downgrade the encryption scheme and break the integrity through known-plaintext attack. |
Description: | Summary: Nextcloud Server is prone to a vulnerability where it is possible to downgrade the encryption scheme and break the integrity through known-plaintext attack. Vulnerability Insight: A cryptographic issue allows an attacker to downgrade the encryption scheme and break the integrity of encrypted files. Affected Software/OS: Nextcloud server 19.0.1. Solution: Update to version 19.0.2 or later. CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2020-8150 http://seclists.org/fulldisclosure/2020/Dec/55 http://seclists.org/fulldisclosure/2020/Dec/58 http://seclists.org/fulldisclosure/2020/Dec/57 https://hackerone.com/reports/742588 https://nextcloud.com/security/advisory/?id=NC-SA-2020-039 |
Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |