Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2047

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2013-2047
Last Modified 17 Mar 2014 11:37:36
Published 14 Mar 2014 12:55:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2013-2047

Summary

The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password.

Vulnerable Systems

Application

  • Owncloud 5.0.0

  • Owncloud 5.0.1

  • Owncloud 5.0.2

  • Owncloud 5.0.3

  • Owncloud 5.0.4

  • Owncloud 5.0.5


References

CONFIRM - http://owncloud.org/about/security/advisories/oC-SA-2013-023/


Last Updated: 27 May 2016 11:04:38