ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers.
References
Link | Resource |
---|---|
https://owncloud.org/security/advisory/?id=oc-sa-2015-013 | Broken Link Vendor Advisory |
Configurations
History
10 Sep 2021, 14:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:iphone_os:*:* | |
CWE | CWE-522 | |
References | (CONFIRM) https://owncloud.org/security/advisory/?id=oc-sa-2015-013 - Broken Link, Vendor Advisory |
Information
Published : 2015-10-29 20:59
Updated : 2024-02-04 18:53
NVD link : CVE-2015-5955
Mitre link : CVE-2015-5955
CVE.ORG link : CVE-2015-5955
JSON object : View
Products Affected
owncloud
- owncloud
CWE
CWE-522
Insufficiently Protected Credentials