First published: Fri Mar 14 2014(Updated: )
ownCloud before 5.0.6 does not properly check permissions, which allows remote authenticated users to execute arbitrary API commands via unspecified vectors. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary API commands.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
ownCloud ownCloud | <=5.0.5 | |
ownCloud ownCloud | =5.0.0 | |
ownCloud ownCloud | =5.0.1 | |
ownCloud ownCloud | =5.0.2 | |
ownCloud ownCloud | =5.0.3 | |
ownCloud ownCloud | =5.0.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.