CVE-2018-16465

CVE-2018-16465

Vendor N/A
Product Nextcloud Server
Weakness CWE-287 · Improper authentication
Published October 30, 2018
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

Missing state in Nextcloud Server prior to 14.0.0 would not enforce the use of a second factor at login if the the provider of the second factor failed to load.

Key dates

02Disclosure timeline

October 30, 2018 CVE published
August 5, 2024 Record updated