6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Version 2.21.1 of the ownCloud Android app is vulnerable to SQL injection in FileContentProvider.kt
. This issue can lead to information disclosure. Two databases, filelist
and owncloud_database
, are affected. In version 3.0, the filelist
database was deprecated. However, injections affecting owncloud_database
remain relevant as of version 3.0.
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%