Описание
ownCloud before 5.0.6 does not properly check permissions, which allows remote authenticated users to execute arbitrary API commands via unspecified vectors. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary API commands.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 6.0.1+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [6.0.1+dfsg-1ubuntu1]] |
| lucid | DNE | |
| precise | not-affected | |
| quantal | not-affected | 4.0.8debian-1.1ubuntu0.1 |
| raring | ignored | end of life |
| saucy | not-affected | 5.0.10+dfsg-1ubuntu1 |
| trusty | not-affected | 6.0.1+dfsg-1ubuntu1 |
| trusty/esm | DNE | trusty was not-affected [6.0.1+dfsg-1ubuntu1] |
| upstream | released | 5.0.6 |
Показывать по
6.5 Medium
CVSS2
Связанные уязвимости
ownCloud before 5.0.6 does not properly check permissions, which allows remote authenticated users to execute arbitrary API commands via unspecified vectors. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary API commands.
ownCloud before 5.0.6 does not properly check permissions, which allow ...
ownCloud before 5.0.6 does not properly check permissions, which allows remote authenticated users to execute arbitrary API commands via unspecified vectors. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary API commands.
6.5 Medium
CVSS2