diff --git a/lib/private/Avatar/AvatarManager.php b/lib/private/Avatar/AvatarManager.php
index ec9bed4085089..4882b7cb072b1 100644
--- a/lib/private/Avatar/AvatarManager.php
+++ b/lib/private/Avatar/AvatarManager.php
@@ -102,6 +102,9 @@ public function __construct(
 
 	/**
 	 * return a user specific instance of \OCP\IAvatar
+	 *
+	 * If the user is disabled a guest avatar will be returned
+	 *
 	 * @see \OCP\IAvatar
 	 * @param string $userId the ownCloud user id
 	 * @return \OCP\IAvatar
@@ -114,6 +117,10 @@ public function getAvatar(string $userId) : IAvatar {
 			throw new \Exception('user does not exist');
 		}
 
+		if (!$user->isEnabled()) {
+			return $this->getGuestAvatar($userId);
+		}
+
 		// sanitize userID - fixes casing issue (needed for the filesystem stuff that is done below)
 		$userId = $user->getUID();
 
diff --git a/tests/lib/Avatar/AvatarManagerTest.php b/tests/lib/Avatar/AvatarManagerTest.php
index ae9c0e1671f0b..0ba6e504207a1 100644
--- a/tests/lib/Avatar/AvatarManagerTest.php
+++ b/tests/lib/Avatar/AvatarManagerTest.php
@@ -107,6 +107,11 @@ public function testGetAvatarForSelf() {
 			->method('getUID')
 			->willReturn('valid-user');
 
+		$user
+			->expects($this->any())
+			->method('isEnabled')
+			->willReturn(true);
+
 		// requesting user
 		$this->userSession->expects($this->once())
 			->method('getUser')
@@ -161,6 +166,11 @@ public function testGetAvatarValidUserDifferentCasing() {
 			->method('getUID')
 			->willReturn('valid-user');
 
+		$user
+			->expects($this->any())
+			->method('isEnabled')
+			->willReturn(true);
+
 		$this->userSession->expects($this->once())
 			->method('getUser')
 			->willReturn($user);
@@ -230,6 +240,12 @@ public function testGetAvatarScopes($avatarScope, $isPublicCall, $isKnownUser, $
 			->expects($this->once())
 			->method('getUID')
 			->willReturn('valid-user');
+
+		$user
+			->expects($this->any())
+			->method('isEnabled')
+			->willReturn(true);
+
 		$this->userManager
 			->expects($this->once())
 			->method('get')