CVE-2019-15612
- Source
- https://cve.org/CVERecord?id=CVE-2019-15612
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15612.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-15612
- Published
- 2020-02-04T20:15:11.793Z
- Modified
- 2026-03-14T09:33:23.064162Z
- Severity
-
- 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.
- References
Affected packages
Git / github.com/nextcloud/server
Affected versions
13.*
13.0.7RC1
14.*
14.0.2RC1
theming-1.*
theming-1.4.5
v13.*
v13.0.0
v13.0.1
v13.0.10
v13.0.11RC1
v13.0.1RC1
v13.0.2
v13.0.2RC1
v13.0.3
v13.0.3RC1
v13.0.3RC2
v13.0.4
v13.0.5
v13.0.5RC1
v13.0.5RC2
v13.0.6
v13.0.6RC1
v13.0.7
v13.0.7RC1
v13.0.7RC2
v13.0.8
v13.0.8RC1
v13.0.8RC2
v13.0.9
v13.0.9RC1
v13.0.9RC2
v14.*
v14.0.0
v14.0.1
v14.0.1RC1
v14.0.2
v14.0.2RC1
v14.0.2RC2
v14.0.3
v14.0.4
v14.0.4RC1
v14.0.4RC2
v14.0.5
v14.0.5RC1
v14.0.5RC2
v14.0.6
v14.0.7RC1
v15.*
v15.0.0
v15.0.1
v15.0.1RC1
v15.0.1RC2
v15.0.2
v15.0.3RC1