BSI analysis shows: Nextcloud server stored passwords in plain text
A code analysis by the BSI shows that two-factor authentication could be bypassed in Nextcloud Server. Passwords were also stored in plain text.
https://www.heise.de/en/news/BSI-analysis-shows-Nextcloud-server-stored-passwords-in-plain-text-10273259.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon
#BSI #CloudComputing #CloudDienste #OpenSource #Security #Sicherheitslücken #Software #news
heise online English /
npub129…z4jw8
2025-02-06 20:49:02
Author Public Key
npub129aefr489yrcgvkwpmugs0uf8t00yy206w7vtmx3ncmdgq92ph8qrz4jw8Published at
2025-02-06 20:49:02Event JSON
{
"id": "58e6e83fc5af8f529c948673bb769d55245930f665634edd7ea3ae67418053ef",
"pubkey": "517b948ea729078432ce0ef8883f893adef2114fd3bcc5ecd19e36d400aa0dce",
"created_at": 1738874942,
"kind": 1,
"tags": [
[
"t",
"bsi"
],
[
"t",
"cloudcomputing"
],
[
"t",
"clouddienste"
],
[
"t",
"opensource"
],
[
"t",
"security"
],
[
"t",
"sicherheitslucken"
],
[
"t",
"software"
],
[
"t",
"news"
],
[
"proxy",
"https://social.heise.de/users/heiseonlineenglish/statuses/113958908230487473",
"activitypub"
]
],
"content": "BSI analysis shows: Nextcloud server stored passwords in plain text\n\nA code analysis by the BSI shows that two-factor authentication could be bypassed in Nextcloud Server. Passwords were also stored in plain text.\n\nhttps://www.heise.de/en/news/BSI-analysis-shows-Nextcloud-server-stored-passwords-in-plain-text-10273259.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege\u0026utm_source=mastodon\n\n#BSI #CloudComputing #CloudDienste #OpenSource #Security #Sicherheitslücken #Software #news",
"sig": "7284316f1e11776e71210bcd5118251abf084deed825cb9ff4aba287f2ea69674ad730e3ea8cd4c761f703ebd3680af569af5e0ef409690c5c5868c73d889951"
}