Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

ownCloud Improper Access Control Vulnerability (CVE-2014-2048)

Description

The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID implementation.

Remediation

References

Related Vulnerabilities

OpenSSL Other Vulnerability (CVE-2015-0209)

Jboss EAP CVE-2016-6796 Vulnerability (CVE-2016-6796)

WordPress Plugin Twitter LiveBlog Cross-Site Request Forgery (1.1.2)

WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Local File Inclusion (1.3.6.2)

WordPress Plugin The Crawl Rate Tracker 'sbtracking-chart-data.php' SQL Injection (2.0.2)

Severity

Critical

Classification

CVE-2014-2048 CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities