Vulnerability identifier: #VU25684

Vulnerability risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-648

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
ownCloud Server
Web applications / Modules and components for CMS

Vendor: ownCloud

Description

The vulnerability allows a remote attacker to gain access to all file-versions of a user.

The vulnerability exists due to the incorrect usage of privileged APIs. A remote authenticated attacker on the local network can access all versions of all files (even unshared) as soon as the owner of said files has at least one outgoing share with the attacker.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

ownCloud Server: 10.0.9 - 10.3.0

---

External links
http://owncloud.org/security/advisories/access-to-all-file-versions-of-a-user-as-soon-as-he-has-one-share-with-the-attacker/

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.