Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Nextcloud
Authentication Bypass
Nextcloud Server
NVD
CVSS 3.1
8.8
EPSS
1.2%