 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2022-41969 |
| Description: | Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.11, 24.0.7, and 25.0.0, there is no password length limit when creating a user as an administrator. An administrator can cause a limited DoS attack against their own server. Versions 23.0.11, 24.0.7, and 25.0.0 contain a fix for the issue. As a workaround, don't create user accounts with long passwords. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.124223 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-41969 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4gm7-j7wg-m4fx https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4gm7-j7wg-m4fx https://github.com/nextcloud/server/pull/34500 https://github.com/nextcloud/server/pull/34500 https://hackerone.com/reports/1727424 https://hackerone.com/reports/1727424 |