Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing rate limit when trying to join a password protected Nextcloud Talk conversation
Vulnerability Description
Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected conversations are susceptible to brute force attacks if the attacker has the link/conversation token. It is recommended that the Nextcloud Talk application is upgraded to 12.2.7, 13.0.7 or 14.0.3. There are currently no known workarounds available apart from not having password protected conversations.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
侵犯隐私
Vulnerability Title
Nextcloud Talk 安全漏洞
Vulnerability Description
Nextcloud Talk是德国Nextcloud公司的一款自托管的本地音频/视频和聊天通信服务。 Nextcloud Talk 12.2.7之前版本、13.0.7之前版本、14.0.3之前版本存在安全漏洞。攻击者利用该漏洞泄露敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A