CVE-2013-1941
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD
Description
The installation routine in ownCloud Server before 4.0.14, 4.5.x before 4.5.9, and 5.0.x before 5.0.4 uses the time function to seed the generation of the PostgreSQL database user password, which makes it easier for remote attackers to guess the password via a brute force attack.
Affected (27)
Products: Owncloud: Owncloud, Owncloud Server
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.0.13 | |
| Version 4.0.0 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.5.0 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 5.0.0 |
Related CWEs
References (2)
Source: secalert@redhat.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.