CVE-2020-36252

CVSS 6.8 MEDIUMEPSS 0.5%

ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number.

CVSS:3.1/AC:L/AV:A/A:N/C:H/I:N/PR:L/S:C/UI:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://owncloud.com/security-advisories/access-to-all-file-versions/