CVE-2016-1499

ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.1.3:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.1.4:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-01-08 21:59

Updated : 2024-02-04 18:53


NVD link : CVE-2016-1499

Mitre link : CVE-2016-1499

CVE.ORG link : CVE-2016-1499


JSON object : View

Products Affected

owncloud

  • owncloud
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-399

Resource Management Errors