An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0.
Max CVSS
9.8
EPSS Score
21.24%
Published
2023-11-21
Updated
2023-11-30

CVE-2023-49103

Known exploited
Public exploit
An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
Max CVSS
10.0
EPSS Score
89.25%
Published
2023-11-21
Updated
2023-12-05
CISA KEV Added
2023-11-30
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.
Max CVSS
9.8
EPSS Score
0.22%
Published
2021-09-07
Updated
2021-09-14
The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.
Max CVSS
9.0
EPSS Score
0.11%
Published
2022-01-15
Updated
2022-01-21
Deleting users with certain names caused system files to be deleted. Risk is higher for systems which allow users to register themselves and have the data directory in the web root. This affects ownCloud/core versions < 10.6.
Max CVSS
9.1
EPSS Score
0.10%
Published
2021-02-09
Updated
2021-02-16
The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8.0.7, and 8.1.x before 8.1.2 allows remote authenticated users to instantiate arbitrary classes and possibly execute arbitrary code via a crafted mount point option, related to "objectstore."
Max CVSS
9.0
EPSS Score
0.79%
Published
2015-10-26
Updated
2015-10-28
icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the (1) listShares function in Server.php or the (2) connect or (3) read function in Share.php.
Max CVSS
9.0
EPSS Score
0.48%
Published
2015-10-21
Updated
2015-10-22
The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 allows remote authenticated users to execute arbitrary SMB commands via a ; (semicolon) character in a file.
Max CVSS
9.0
EPSS Score
1.19%
Published
2015-10-21
Updated
2015-10-22
Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
25.89%
Published
2015-10-21
Updated
2016-12-07
Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Max CVSS
9.8
EPSS Score
0.59%
Published
2020-02-11
Updated
2020-02-12
The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID implementation.
Max CVSS
9.8
EPSS Score
0.44%
Published
2018-03-26
Updated
2018-06-13
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!