CVE-2020-8236
N/A
N/A
Summary
A wrong configuration in Nextcloud Server 19.0.1 incorrectly made the user feel the passwordless WebAuthn is also a two factor verification by asking for the PIN of the passwordless WebAuthn but not verifying it.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Nextcloud Server | 19.0.2 | affected |
Weaknesses
- CWE-287: Improper Authentication - Generic (CWE-287)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.