Vulnerabilities > Nextcloud > Preferred Providers > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-10-05 CVE-2020-8228 Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products
A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.
network
low complexity
nextcloud opensuse CWE-307
5.0
2020-07-30 CVE-2020-8202 Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Preferred Providers 1.6.0
Improper check of inputs in Nextcloud Preferred Providers app v1.6.0 allowed to perform a denial of service attack when using a very long password.
network
low complexity
nextcloud CWE-307
5.0