CVE-2020-8152

CVE-2020-8152

Vendor N/A
Product Nextcloud Server
Weakness CWE-522 · Insufficiently protected credentials
Published November 16, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on.

Key dates

02Disclosure timeline

November 16, 2020 CVE published
August 4, 2024 Record updated