CVE-2015-5955
First published: Thu Oct 29 2015(Updated: )
ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ownCloud | <3.4.4 | |
| ownCloud Client | <3.4.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-5955?
CVE-2015-5955 is considered a high severity vulnerability due to the potential exposure of sensitive credential and cookie information.
How do I fix CVE-2015-5955?
To fix CVE-2015-5955, users should upgrade their ownCloud iOS app to version 3.4.4 or later.
What versions of the ownCloud iOS app are affected by CVE-2015-5955?
CVE-2015-5955 affects all versions of the ownCloud iOS app prior to 3.4.4.
What information can be compromised due to CVE-2015-5955?
Due to CVE-2015-5955, sensitive credential and cookie information may be exposed to remote instance administrators.
Does CVE-2015-5955 affect only iOS devices?
Yes, CVE-2015-5955 specifically affects the ownCloud iOS app on iPhone devices.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/first-publish-date
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/source
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/owncloud
- canonical/owncloud
- canonical/owncloud client