Lucene search

PRIOn knowledge basePRION:CVE-2013-1941

HistoryJun 04, 2014 - 2:55 p.m.

Design/Logic Flaw

2014-06-0414:55:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

50.8%

JSON

The installation routine in ownCloud Server before 4.0.14, 4.5.x before 4.5.9, and 5.0.x before 5.0.4 uses the time function to seed the generation of the PostgreSQL database user password, which makes it easier for remote attackers to guess the password via a brute force attack.

CPENameOperatorVersion
owncloudeq4.0.3
owncloudeq4.0.0
owncloudeq4.0.11
owncloudeq4.0.10
owncloudeq4.0.8
owncloudeq4.0.1
owncloudeq4.0.6
owncloudeq4.0.5
owncloudeq4.0.2
owncloudeq4.0.9

Name	Operator	Version
owncloud	eq	4.0.3
owncloud	eq	4.0.0
owncloud	eq	4.0.11
owncloud	eq	4.0.10
owncloud	eq	4.0.8
owncloud	eq	4.0.1
owncloud	eq	4.0.6
owncloud	eq	4.0.5
owncloud	eq	4.0.2
owncloud	eq	4.0.9

Rows per page:

1-10 of 271

References

owncloud.org/about/security/advisories/oC-SA-2013-015/

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

50.8%

JSON

Related for PRION:CVE-2013-1941