Lucene search
Ubuntu.comUB:CVE-2015-5954HistoryOct 21, 2015 - 12:00 a.m.
CVE-2015-5954
2015-10-2100:00:00
ubuntu.com
ubuntu.com
12
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.001
Percentile
32.7%
The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before 7.0.7,
and 8.0.x before 8.0.5 does not consider that NULL is a valid getPath
return value, which allows remote authenticated users to bypass intended
access restrictions and gain access to users files via a sharing link to a
file with a deleted parent folder.
Notes
| Author | Note |
|---|---|
| mdeslaur | package is empty in precise and trusty |
Related
owncloud
owncloud
prion
prion
Design/Logic Flaw
2015-10-21 18:59:00
cvelist
cvelist
CVE-2015-5954
2015-10-21 18:00:00
openvas
openvas
ownCloud Access Bypass Vulnerability (Sep 2016) - Linux
2016-09-23 00:00:00
ownCloud Access Bypass Vulnerability (Sep 2016) - Windows
2016-09-23 00:00:00
Debian: Security Advisory (DSA-3373-1)
2015-10-17 00:00:00
cve
cve
CVE-2015-5954
2015-10-21 18:59:03
nvd
nvd
CVE-2015-5954
2015-10-21 18:59:03
debian
debian
[SECURITY] [DSA 3373-1] owncloud security update
2015-10-18 13:49:47
[SECURITY] [DSA 3373-1] owncloud security update
2015-10-18 13:49:47
securityvulns
securityvulns
owncloud multiple security vulnerabilities
2015-10-25 00:00:00
[SECURITY] [DSA 3373-1] owncloud security update
2015-10-25 00:00:00
nessus
nessus
Debian DSA-3373-1 : owncloud - security update
2015-10-19 00:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.001
Percentile
32.7%
Related for UB:CVE-2015-5954