CVE-2019-15612

CVE-2019-15612

Vendor N/A
Product Nextcloud Server
Weakness CWE-384 · Session fixation
Published February 4, 2020
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.

Key dates

02Disclosure timeline

February 4, 2020 CVE published
August 5, 2024 Record updated