Lucene search
OwnCloudOWNCLOUD:8D0C9140776A51F1D485D677707606C7HistoryMar 14, 2023 - 12:00 a.m.
SQLInjection in FileContentProvider.kt - ownCloud
2023-03-1400:00:00
owncloud.com
13
sqlinjection
filecontentprovider
owncloud
insecurecode
localaccess
databasesecurity
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.1%
Due to some insecure code in a exported content provider an attacker with local access could retrieve information from the ownCloud app database through SQL injection.
Affected configurations
Node
owncloudowncloudRange<3.0.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| owncloud android app | lt | 3.0.4 |
Related
nvd
nvd
CVE-2023-23948
2023-02-13 17:15:11
prion
prion
Sql injection
2023-02-13 17:15:00
osv
osv
CVE-2023-23948
2023-02-13 17:15:11
cvelist
cvelist
CVE-2023-23948 ownCloud Android app vulnerable to SQL Injection
2023-02-13 16:30:18
cve
cve
CVE-2023-23948
2023-02-13 17:15:11
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.1%
Related for OWNCLOUD:8D0C9140776A51F1D485D677707606C7