Description
The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network.
Remediation
References
Related Vulnerabilities
silverstripeCMS CVE-2019-12204 Vulnerability (CVE-2019-12204)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2190)
WordPress Plugin Nifty Newsletters (Formerly Sola Newsletters) Cross-Site Request Forgery (4.0.23)
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-29445)