Description
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files.
References (5)
Scores
CVSS v3
4.1
EPSS
0.0004
EPSS Percentile
10.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-310
CWE-311
Status
published
Products (1)
nextcloud/nextcloud_server
< 19.0.2
Published
Nov 09, 2020
Tracked Since
Feb 18, 2026