Description

ownCloud Server before 6.0.3 does not properly check permissions, which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspecified vectors.

Remediation

References

CVE-2014-3834

Related Vulnerabilities

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2017-3730)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Multiple Vulnerabilities (1.9.2.2)

WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (1.87)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3387)

IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2019-4156)

Severity

High

Classification

CVE-2014-3834 CWE-264

Tags

Missing Update Known Vulnerabilities