Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2014-2052
HistoryFeb 11, 2020 - 12:00 a.m.

CVE-2014-2052

2020-02-1100:00:00
ubuntu.com
ubuntu.com
8

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.0%

JSON

Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before
6.0.2, allows remote attackers to read arbitrary files, cause a denial of
service, or possibly have other impact via an XML External Entity (XXE)
attack.

Notes

Author Note
mdeslaur owncloud packages in Ubuntu are now empty
sbeattie according to debian, the reference wrt zendframework is for CVE-2012-6532

Related

prion 3
cve 3
osv 6
github 2
ubuntucve 2
openvas 4
owncloud 2
debian 4
nessus 2
securityvulns 1
prion
prion
Design/Logic Flaw
2013-02-13 17:55:00
Xxe
2020-02-11 16:15:00
Design/Logic Flaw
2014-11-16 00:59:00
cve
cve
CVE-2014-2052
2020-02-11 16:15:00
CVE-2012-6532
2013-02-13 17:55:00
CVE-2014-2683
2014-11-16 00:59:00
osv
osv
Zend Framework XEE Vulnerability
2022-05-17 05:10:32
Several Zend Products Vulnerable to XXE and XEE attacks
2022-05-14 00:56:24
zendframework - regression update
2015-05-20 00:00:00
github
github
Zend Framework XEE Vulnerability
2022-05-17 05:10:32
Several Zend Products Vulnerable to XXE and XEE attacks
2022-05-14 00:56:24
ubuntucve
ubuntucve
CVE-2012-6532
2013-02-13 00:00:00
CVE-2014-2683
2014-11-16 00:00:00
openvas
openvas
ownCloud < 5.0.15, 6.0.x < 6.0.2 Multiple Vulnerabilities
2021-09-21 00:00:00
Debian Security Advisory DSA 3265-1 (zendframework - security update)
2015-05-20 00:00:00
Debian: Security Advisory (DSA-3265-1)
2015-05-19 00:00:00
owncloud
owncloud
Server: XXE in multiple third party components
2014-07-03 02:00:00
XXE in multiple third party components - ownCloud
2014-07-03 18:22:45
debian
debian
[SECURITY] [DSA 3265-2] zendframework regression update
2015-05-24 11:55:24
[SECURITY] [DSA 3265-1] zendframework security update
2015-05-20 09:37:25
[SECURITY] [DLA 251-2] zendframework regression update
2015-06-23 20:26:59
nessus
nessus
Debian DSA-3265-1 : zendframework - security update
2015-05-21 00:00:00
Debian DLA-251-2 : zendframework regression update
2015-06-22 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3265-1] zendframework security update
2015-06-08 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.0%

JSON
Related for UB:CVE-2014-2052
prion3cve3osv6github2ubuntucve2openvas4owncloud2debian4nessus2securityvulns1