Password Reset Bug in Nextcloud Server 15.0.2 Allows Expired 2FA Logins to Persist
CVE-2019-15612 · MEDIUM Severity
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.
Learn more about our Cis Benchmark Audit For Server Software.