Lucene search
HistoryFeb 04, 2015 - 6:59 p.m.
CVE-2014-9046
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.002
Percentile
56.5%
The OC_Util::getUrlContent function in ownCloud Server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to read arbitrary files via a file:// protocol.
Affected configurations
Node
owncloudowncloudRange≤5.0.17
ORowncloudowncloudMatch5.0.0
ORowncloudowncloudMatch5.0.1
ORowncloudowncloudMatch5.0.2
ORowncloudowncloudMatch5.0.3
ORowncloudowncloudMatch5.0.4
ORowncloudowncloudMatch5.0.5
ORowncloudowncloudMatch5.0.6
ORowncloudowncloudMatch5.0.7
ORowncloudowncloudMatch5.0.8
ORowncloudowncloudMatch5.0.9
ORowncloudowncloudMatch5.0.10
ORowncloudowncloudMatch5.0.11
ORowncloudowncloudMatch5.0.12
ORowncloudowncloudMatch5.0.13
ORowncloudowncloudMatch5.0.14
ORowncloudowncloudMatch5.0.14a
ORowncloudowncloudMatch5.0.15
ORowncloudowncloudMatch5.0.16
ORowncloudowncloudMatch6.0.0
ORowncloudowncloudMatch6.0.1
ORowncloudowncloudMatch6.0.2
ORowncloudowncloudMatch6.0.3
ORowncloudowncloudMatch6.0.4
ORowncloudowncloudMatch6.0.5
ORowncloudowncloudMatch7.0.0
ORowncloudowncloudMatch7.0.1
ORowncloudowncloudMatch7.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| owncloud | owncloud | * | cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.0 | cpe:2.3:a:owncloud:owncloud:5.0.0:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.1 | cpe:2.3:a:owncloud:owncloud:5.0.1:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.2 | cpe:2.3:a:owncloud:owncloud:5.0.2:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.3 | cpe:2.3:a:owncloud:owncloud:5.0.3:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.4 | cpe:2.3:a:owncloud:owncloud:5.0.4:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.5 | cpe:2.3:a:owncloud:owncloud:5.0.5:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.6 | cpe:2.3:a:owncloud:owncloud:5.0.6:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.7 | cpe:2.3:a:owncloud:owncloud:5.0.7:*:*:*:*:*:*:* |
| owncloud | owncloud | 5.0.8 | cpe:2.3:a:owncloud:owncloud:5.0.8:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2015-02-04 18:59:00
cve
cve
CVE-2014-9046
2015-02-04 18:59:06
owncloud
owncloud
Server: Potential local file disclosure
2014-11-25 15:00:00
Potential local file disclosure - ownCloud
2014-11-25 18:38:43
cvelist
cvelist
CVE-2014-9046
2015-02-04 18:00:00
openvas
openvas
ownCloud Multiple Vulnerabilities -02 (Feb 2015)
2015-02-19 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.002
Percentile
56.5%
Related for NVD:CVE-2014-9046