CVE-2020-36252

CVSS 6.8 MEDIUMEPSS 0.5%

ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number.

CVSS:3.1/AC:L/AV:A/A:N/C:H/I:N/PR:L/S:C/UI:N

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://owncloud.com/security-advisories/access-to-all-file-versions/