CVE-2022-35931

LOW Year: 2022
CVSS v3 Score
2.7
Low
Weakness Type
CWE-261
View all →

Vulnerability Description

Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Prior to versions 22.2.10, 23.0.7, and 24.0.3 the random password generator may, in very rare cases, generate common passwords that the validator itself would block. Upgrade Nextcloud Server to 22.2.10, 23.0.7 or 24.0.3 to receive a patch for the issue in Password Policy. There are no known workarounds available.

Related Vulnerabilities

CVE-2023-28896

LOW
CVSS:2.4(Low)

Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decod...

CWE-2612023

CVE-2022-34445

MEDIUM
CVSS:4.4(Medium)

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information dis...

CWE-2612022

CVE-2017-7905

CRITICAL
CVSS:9.8(Critical)

A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmwa...

CWE-2612017

CVE-2020-10275

CRITICAL
CVSS:9.8(Critical)

The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. Given a USERNAME and a PASSWORD, the token string is generated directly w...

CWE-2612020

CVE-2021-21507

CRITICAL
CVSS:9.8(Critical)

Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote...

CWE-2612021

CVE-2024-24279

HIGH
CVSS:8.8(High)

An issue in secdiskapp 1.5.1 (management program for NewQ Fingerprint Encryption Super Speed Flash Disk) allows attackers to gain escalated privileges via vsVerifyPassword and vsSetFingerPrintPower fu...

CWE-2612024