
Access to all file-versions of a user as soon as he has one share with the attacker

Platform: ownCloud Server

Versions: 10.3.0

Date: 2/28/2020

– Risk: Medium
– CVSS v3 Base Score: 6.8
– CVSS v3 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
– CWE ID: 648
– CWE Name: Incorrect Use of Privileged APIs

Description
———–
An authenticated attacker can access all versions of all files (even unshared) as soon
as the owner of said files has at least one outgoing share with the attacker.

The attacker needs to guess a file id, which is numeric and sequential.

Affected
——–
– owncloud/core >= v10.0.9
– owncloud/core < v10.3.1

Mitigations
———–
Disable the files_versions app by executing 'occ app:disable files_versions'

Action taken
————
As the vulnerability is a result of incorrect usage of privileged APIs, all usages of said
APIs in owncloud-server are being reviewed and replaced with less privileged versions where necessary.
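As an added illustration (not ownCloud's code), the Python model below contrasts the flawed pattern behind this bug class, resolving a guessed numeric id through a privileged global view and only checking whether the owner has any share with the requester, with a lookup scoped to the requester's own accessible files; the data model and function names are constructed.

```python
# Added example: a minimal model of the authorization bug class in this advisory
# (CWE-648). It is NOT ownCloud code; the data model and names are constructed.
# File ids are sequential integers, as the advisory states.
from dataclasses import dataclass, field

@dataclass
class File:
    file_id: int
    owner: str
    path: str
    versions: list = field(default_factory=list)

@dataclass
class Store:
    files: dict = field(default_factory=dict)   # file_id -> File (privileged, global view)
    shares: set = field(default_factory=set)    # (file_id, recipient) outgoing shares

    def has_share_from(self, owner: str, user: str) -> bool:
        """True if `owner` has at least one outgoing share with `user`."""
        return any(self.files[fid].owner == owner for fid, u in self.shares if u == user)

    def accessible_ids(self, user: str) -> set:
        """The requester's own view: files they own plus files shared with them."""
        owned = {fid for fid, f in self.files.items() if f.owner == user}
        shared = {fid for fid, u in self.shares if u == user}
        return owned | shared

def versions_vulnerable(store: Store, user: str, file_id: int) -> list:
    """Flawed pattern: resolve the id in the privileged global view and only check
    that the owner has *some* share with the requester, not a share of this file."""
    f = store.files.get(file_id)
    if f is None or (f.owner != user and not store.has_share_from(f.owner, user)):
        raise PermissionError("not found")
    return list(f.versions)

def versions_fixed(store: Store, user: str, file_id: int) -> list:
    """Hardened pattern: resolve the id only within the requester's own view, so an
    unshared file is indistinguishable from a non-existent one."""
    if file_id not in store.accessible_ids(user):
        raise PermissionError("not found")
    return list(store.files[file_id].versions)

def demo_store() -> Store:
    # Constructed sample: alice shares only file 1 with bob; file 2 stays private.
    s = Store()
    s.files[1] = File(1, "alice", "/shared.txt", ["v1", "v2"])
    s.files[2] = File(2, "alice", "/private.txt", ["v1"])
    s.shares.add((1, "bob"))
    return s
```

With the flawed lookup, bob's single share from alice is enough to read the version history of alice's private file 2; the scoped lookup rejects it.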
