Lucene search
Florian Preinstorfer – Vulnerability discovery and disclosure.OWNCLOUD:9C5E92143F7E9E1907435E28587A39D5HistoryJul 10, 2012 - 5:16 p.m.
User enumeration - ownCloud
2012-07-1017:16:03
Florian Preinstorfer – Vulnerability discovery and disclosure.
owncloud.org
25
0.001 Low
EPSS
Percentile
48.5%
apps/calendar/appinfo/remote.php and apps/contacts/appinfo/remote.php in ownCloud before 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors.
Affected Software
- ownCloud Server < 4.0.7 (CVE-2012-4390)
Action Taken
It is recommended that all instances are upgraded to ownCloud Server 4.0.7.
Acknowledgements
The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:
- Florian Preinstorfer - Vulnerability discovery and disclosure.
| CPE | Name | Operator | Version |
|---|---|---|---|
| owncloud server | lt | 4.0.7 |
Related
ubuntucve
ubuntucve
CVE-2012-4390
2012-09-05 00:00:00
nvd
nvd
CVE-2012-4390
2012-09-05 23:55:02
prion
prion
Code injection
2012-09-05 23:55:00
cve
cve
CVE-2012-4390
2022-10-03 16:15:32
cvelist
cvelist
CVE-2012-4390
2022-10-03 16:15:32
owncloud
owncloud
Server: User enumeration
2012-07-10 11:42:22
openvas
openvas