CVE Vulnerabilities

CVE-2014-3838

Published: Jun 04, 2014 | Modified: Jun 05, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not properly check permissions, which allows remote authenticated users to read the names of files of other users by leveraging access to multiple accounts.

Affected Software

Name Vendor Start Version End Version
Owncloud Owncloud * 5.0.15 (including)
Owncloud Owncloud 5.0.0 (including) 5.0.0 (including)
Owncloud Owncloud 5.0.1 (including) 5.0.1 (including)
Owncloud Owncloud 5.0.2 (including) 5.0.2 (including)
Owncloud Owncloud 5.0.3 (including) 5.0.3 (including)
Owncloud Owncloud 5.0.4 (including) 5.0.4 (including)
Owncloud Owncloud 5.0.5 (including) 5.0.5 (including)
Owncloud Owncloud 5.0.6 (including) 5.0.6 (including)
Owncloud Owncloud 5.0.7 (including) 5.0.7 (including)
Owncloud Owncloud 5.0.8 (including) 5.0.8 (including)
Owncloud Owncloud 5.0.9 (including) 5.0.9 (including)
Owncloud Owncloud 5.0.10 (including) 5.0.10 (including)
Owncloud Owncloud 5.0.11 (including) 5.0.11 (including)
Owncloud Owncloud 5.0.12 (including) 5.0.12 (including)
Owncloud Owncloud 5.0.13 (including) 5.0.13 (including)
Owncloud Owncloud 5.0.14 (including) 5.0.14 (including)
Owncloud Owncloud 5.0.14-a (including) 5.0.14-a (including)
Owncloud Ubuntu saucy *
Owncloud Ubuntu upstream *

References