Description

ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.

Remediation

References

CVE-2014-3835

Related Vulnerabilities

Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329)

MySQL CVE-2012-0101 Vulnerability (CVE-2012-0101)

MongoDb CVE-2019-2390 Vulnerability (CVE-2019-2390)

WordPress Plugin WP Data Access Security Bypass (5.1.3)

WordPress Plugin kk Star Ratings 'root' Parameter Remote File Include (1.7)

Severity

Medium

Classification

CVE-2014-3835 CWE-264

Tags

Missing Update Known Vulnerabilities