CVE-2017-5866

The autocomplete feature in the E-Mail share dialog in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors.
References
Link Resource
http://www.securityfocus.com/bid/96426 Third Party Advisory VDB Entry
https://owncloud.org/security/advisory/?id=oc-sa-2017-002 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.2:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.3:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.4:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.5:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.6:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.7:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:8.2.8:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.0.0:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.0.2:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.0.3:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.0.4:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.0.5:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.0.6:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.1.0:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.1.1:*:*:*:*:*:*:*
cpe:2.3:a:owncloud:owncloud:9.1.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-03-03 15:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-5866

Mitre link : CVE-2017-5866

CVE.ORG link : CVE-2017-5866


JSON object : View

Products Affected

owncloud

  • owncloud
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor