ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3835)

Description

ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.

Remediation

References

CVE-2014-3835

Related Vulnerabilities

MySQL CVE-2016-8290 Vulnerability (CVE-2016-8290)

Oracle JRE Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-21011)

Oracle JRE CVE-2013-0444 Vulnerability (CVE-2013-0444)

Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922)

WordPress Plugin WooCommerce Help Scout Arbitrary File Upload (2.9)

Severity

Medium

Classification

CVE-2014-3835 CWE-264