CVE-2016-15014

A vulnerability has been found in CESNET theme-cesnet up to 1.x on ownCloud and classified as problematic. Affected by this vulnerability is an unknown functionality of the file cesnet/core/lostpassword/templates/resetpassword.php. The manipulation leads to insufficiently protected credentials. Attacking locally is a requirement. Upgrading to version 2.0.0 is able to address this issue. The identifier of the patch is 2b857f2233ce5083b4d5bc9bfc4152f933c3e4a6. It is recommended to upgrade the affected component. The identifier VDB-217633 was assigned to this vulnerability.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:cesnet:theme-cesnet:*:*:*:*:*:*:*:*

History

11 Apr 2024, 00:55

Type Values Removed Values Added
Summary
  • (es) Se ha encontrado una vulnerabilidad en CESNET theme-cesnet en sus versiones hasta la 1.x en ownCloud y se ha clasificado como problemática. Se ve afectada por esta vulnerabilidad una función desconocida del archivo cesnet/core/lostpassword/templates/resetpassword.php. La manipulación conduce a credenciales insuficientemente protegidas. Atacar localmente es un requisito. La actualización a la versión 2.0.0 puede solucionar este problema. El identificador del parche es 2b857f2233ce5083b4d5bc9bfc4152f933c3e4a6. Se recomienda actualizar el componente afectado. A esta vulnerabilidad se le asignó el identificador VDB-217633.

29 Feb 2024, 01:17

Type Values Removed Values Added
New CVE

Information

Published : 2023-01-07 20:15

Updated : 2024-05-17 01:08


NVD link : CVE-2016-15014

Mitre link : CVE-2016-15014

CVE.ORG link : CVE-2016-15014


JSON object : View

Products Affected

cesnet

  • theme-cesnet
CWE
CWE-522

Insufficiently Protected Credentials