Improper Certificate Validation in Nextcloud Desktop Client
CVE-2021-22895 · MEDIUM Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
Learn more about our Cis Benchmark Audit For Desktop Software.