Lucene search

K
cvelistHackeroneCVELIST:CVE-2021-22895
HistoryJun 11, 2021 - 3:49 p.m.

CVE-2021-22895

2021-06-1115:49:38
CWE-295
hackerone
www.cve.org
8
nextcloud
desktop client
ssl certificate

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

56.7%

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the “Register with a Provider” flow.

CNA Affected

[
  {
    "product": "Nextcloud Desktop Client",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Fixed in 3.3.1"
      }
    ]
  }
]

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

56.7%