CVE-2024-52510

MEDIUM Year: 2024
CVSS v3 Score
4.2
Medium
Weakness Type
CWE-295
View all →

Vulnerability Description

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later.

Related Vulnerabilities

CVE-2016-7815

MEDIUM
CVSS:4.2(Medium)

Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network.

CWE-2952016

CVE-2020-15719

MEDIUM
CVSS:4.2(Medium)

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectA...

CWE-2952020

CVE-2022-45457

MEDIUM
CVSS:4.2(Medium)

Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (W...

CWE-2952022

CVE-2022-45458

MEDIUM
CVSS:4.2(Medium)

Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber...

CWE-2952022

CVE-2023-31151

MEDIUM
CVSS:4.2(Medium)

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to co...

CWE-2952023

CVE-2023-38009

MEDIUM
CVSS:4.2(Medium)

IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the middle techniques due to the lack of certificate pinning.

CWE-2952023