CVE-2021-35946

Опубликовано: 07 сент. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.

Ссылки

https://doc.owncloud.com/server/admin_manual/release_notes.html
Release Notes
Vendor Advisory
https://owncloud.com/security-advisories/cve-2021-35946/
Vendor Advisory
https://doc.owncloud.com/server/admin_manual/release_notes.html
Release Notes
Vendor Advisory
https://owncloud.com/security-advisories/cve-2021-35946/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*

Версия до 10.8.0 (исключая)

EPSS

Процентиль: 54%

0.00311

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-269

Связанные уязвимости

CVE-2021-35946

CVSS3: 9.8

ubuntu

больше 4 лет назад

A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.

CVE-2021-35946

CVSS3: 9.8

debian

больше 4 лет назад

A receiver of a federated share with access to the database with ownCl ...

GHSA-9gjf-xc3f-w2j8

github

больше 3 лет назад

A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.

EPSS

Процентиль: 54%

0.00311

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-269