Lucene search
HistoryFeb 04, 2015 - 6:59 p.m.
CVE-2014-9046
cve-2014-9046
information security
vulnerability
remote attack
owncloud server
file read
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.6%
The OC_Util::getUrlContent function in ownCloud Server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to read arbitrary files via a file:// protocol.
Affected configurations
Node
owncloudowncloudRange≤5.0.17
ORowncloudowncloudMatch5.0.0
ORowncloudowncloudMatch5.0.1
ORowncloudowncloudMatch5.0.2
ORowncloudowncloudMatch5.0.3
ORowncloudowncloudMatch5.0.4
ORowncloudowncloudMatch5.0.5
ORowncloudowncloudMatch5.0.6
ORowncloudowncloudMatch5.0.7
ORowncloudowncloudMatch5.0.8
ORowncloudowncloudMatch5.0.9
ORowncloudowncloudMatch5.0.10
ORowncloudowncloudMatch5.0.11
ORowncloudowncloudMatch5.0.12
ORowncloudowncloudMatch5.0.13
ORowncloudowncloudMatch5.0.14
ORowncloudowncloudMatch5.0.14a
ORowncloudowncloudMatch5.0.15
ORowncloudowncloudMatch5.0.16
ORowncloudowncloudMatch6.0.0
ORowncloudowncloudMatch6.0.1
ORowncloudowncloudMatch6.0.2
ORowncloudowncloudMatch6.0.3
ORowncloudowncloudMatch6.0.4
ORowncloudowncloudMatch6.0.5
ORowncloudowncloudMatch7.0.0
ORowncloudowncloudMatch7.0.1
ORowncloudowncloudMatch7.0.2
Related
prion
prion
Design/Logic Flaw
2015-02-04 18:59:00
owncloud
owncloud
Server: Potential local file disclosure
2014-11-25 15:00:00
Potential local file disclosure - ownCloud
2014-11-25 18:38:43
cvelist
cvelist
CVE-2014-9046
2015-02-04 18:00:00
nvd
nvd
CVE-2014-9046
2015-02-04 18:59:06
openvas
openvas
ownCloud Multiple Vulnerabilities -02 (Feb 2015)
2015-02-19 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.6%
Related for CVE-2014-9046