CVE-2014-3837
4.0
Vector
AV:N/AC:L/Au:S/C:N/I:P/A:N
Exploitability: 8.0 / Impact: 2.9
Source: NVD
Description
The document application in ownCloud Server before 6.0.3 uses sequential values for the file_id, which allows remote authenticated users to enumerate shared files via unspecified vectors.
Affected (3)
Products: Owncloud: Owncloud, Owncloud Server
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 6.0.2 | |
| Version 6.0.0 |
Related CWEs
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.