PT-2020-20037 · Nextcloud+1 · Nextcloud Desktop Client+1
Published
2020-09-14
·
Updated
2022-10-04
·
CVE-2020-8225
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Nextcloud Desktop Client version 2.6.4
Description
The issue concerns a cleartext storage of sensitive information, which exposed details about used proxies and their authentication credentials.
Recommendations
For Nextcloud Desktop Client version 2.6.4, update to a newer version that addresses this issue, as the current version stores sensitive proxy and authentication credential information in cleartext.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Nextcloud Desktop Client