Vulnerability Name: | CCN-75526 | ||||||
Published: | 2012-05-11 | ||||||
Updated: | 2012-05-11 | ||||||
Summary: | ownCloud could allow a remote attacker to obtain sensitive information, caused by the storing of the admin credentials in cleartext within the owncloud.db file. An attacker could exploit this vulnerability to obtain the LDAP password and other sensitive information. | ||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||
CVSS v2 Severity: | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N) 4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:U/RC:UR)
| ||||||
Vulnerability Consequences: | Obtain Information | ||||||
References: | Source: CCN Type: ownCloud Web site ownCloud.org | Your Cloud, Your Data, Your Way! Source: CCN Type: Packetstorm Security Website Owncloud 3.0.3 Clear Text Password Storage Source: XF Type: UNKNOWN owncloud-ldap-info-disclosure(75526) | ||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
BACK |