Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9049

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2014-9049
Last Modified 05 Feb 2015 11:19:19
Published 04 Feb 2015 01:59:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-9049

Summary

The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method.

Vulnerable Systems

Application

  • Owncloud 6.0.0

  • Owncloud 6.0.1

  • Owncloud 6.0.2

  • Owncloud 6.0.3

  • Owncloud 6.0.4

  • Owncloud 6.0.5

  • Owncloud 7.0.0

  • Owncloud 7.0.1

  • Owncloud 7.0.2


References

CONFIRM - https://owncloud.org/security/advisory/?id=oc-sa-2014-025


Last Updated: 27 May 2016 11:07:42