CVE-2014-3834CVE-2014-3834

Affected configuration(s):

cpe:/a:owncloud:owncloud:6.0.0
cpe:/a:owncloud:owncloud:6.0.1
cpe:/a:owncloud:owncloud:6.0.2

Date published: 2014-06-04T10:55:04.637-04:00

Date last modified: 2014-06-04T15:10:50.603-04:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://owncloud.org/about/security/advisories/oc-sa-2014-011/

Summary: ownCloud Server before 6.0.3 does not properly check permissions, which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspecified vectors.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *