CVE Vulnerabilities

CVE-2012-4752

Published: Sep 05, 2012 | Modified: Sep 06, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

appconfig.php in ownCloud before 4.0.6 does not properly restrict access, which allows remote authenticated users to edit app configurations via unspecified vectors. NOTE: this can be leveraged by unauthenticated remote attackers using CVE-2012-4393.

Affected Software

Name Vendor Start Version End Version
Owncloud Owncloud 4.0.3 4.0.3
Owncloud Owncloud 4.0.0 4.0.0
Owncloud Owncloud 3.0.3 3.0.3
Owncloud Owncloud * 4.0.5
Owncloud Owncloud 4.0.1 4.0.1
Owncloud Owncloud 4.0.2 4.0.2
Owncloud Owncloud 3.0.0 3.0.0
Owncloud Owncloud 3.0.2 3.0.2
Owncloud Owncloud 4.0.4 4.0.4
Owncloud Owncloud 3.0.1 3.0.1

References