CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-2048

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1930%
EPSS Percentile14.41th
Published2018年3月26日
Last Modified2024年11月21日

Vulnerability Description

The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID implementation.

Affected Platforms (CPE)

📦
Owncloud

Owncloud

< 5.0.15

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/91973
🔗 https://owncloud.org/security/advisories/insecure-openid-implementation/
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/91973
🔗 https://owncloud.org/security/advisories/insecure-openid-implementation/

相关漏洞威胁

CVE-2015-471610.0

Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on...

CVE-2019-253379.8

OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulatin...

CVE-2021-359469.8

A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and the...

CVE-2014-20529.8

Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, ...