CVE-2020-36248
First published: Fri Feb 19 2021(Updated: )
The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN preferences value in a backup archive, and consequently bypass the PIN lock feature by restoring from this archive.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Owncloud Owncloud | <2.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID of this security issue is CVE-2020-36248.
What is the severity level of CVE-2020-36248?
CVE-2020-36248 has a severity level of medium.
How does the vulnerability in ownCloud for Android impact the security?
The vulnerability in ownCloud for Android allows attackers to bypass the PIN lock feature by restoring from a backup archive that includes a PIN preferences value.
Which version of ownCloud for Android is affected by this vulnerability?
The vulnerability affects ownCloud for Android versions before 2.15.
Is there a fix available for CVE-2020-36248?
Yes, a fix for CVE-2020-36248 is available. Please refer to the official security advisory for more information.
- collector/nvd-index
- vendor/owncloud
- canonical/owncloud owncloud