CVE-2020-8173
Severity CVSS v4.0:
Pending analysis
Type:
CWE-311
Missing Encryption of Sensitive Data
Publication date:
02/11/2020
Last modified:
27/09/2022
Description
A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended.
Impact
Base Score 3.x
2.20
Severity 3.x
LOW
Base Score 2.0
3.50
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:* | 17.0.7 (excluding) | |
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:* | 18.0.0 (including) | 18.0.5 (excluding) |
To consult the complete list of CPE names with products and versions, see this page