Auth bypass in index.php
Platform: ownCloud Server
Risk level: High
ownCloud 4.0.6 and all versions prior to it do not sufficiently verify whether a request to appconfig.php was sent by an admin, which allows remote authenticated users to edit app configurations.
NOTE: this can be leveraged by unauthenticated remote attackers using CVE-2012-4393.
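The following is an added illustration, not ownCloud code: a minimal appconfig-style endpoint written twice, once with the flaw the advisory describes (only a login is checked, so any authenticated user can write app settings) and once with the admin check enforced before any action is dispatched. All names (Session, AppConfigStore, handle_appconfig_*) are assumptions made for the example.

```python
"""Constructed example of the missing-authorization pattern behind this
advisory. Not the project's code; all names are hypothetical."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Session:
    user: Optional[str] = None   # None means the request is unauthenticated
    is_admin: bool = False


@dataclass
class AppConfigStore:
    values: dict = field(default_factory=dict)

    def set(self, app: str, key: str, value: str) -> None:
        self.values[(app, key)] = value

    def get(self, app: str, key: str) -> Optional[str]:
        return self.values.get((app, key))


class Forbidden(Exception):
    """Raised where a real endpoint would answer HTTP 403."""


def handle_appconfig_vulnerable(session, store, params):
    """Flawed pattern: verifies that *someone* is logged in, not that the
    caller is an admin, so any authenticated user can edit app config."""
    if session.user is None:
        raise Forbidden("login required")
    if params["action"] == "setValue":
        store.set(params["app"], params["key"], params["value"])
        return True
    return store.get(params["app"], params["key"])


def handle_appconfig_fixed(session, store, params):
    """Corrected pattern: the admin check runs before any action is
    dispatched, so reads and writes alike require an admin session."""
    if session.user is None or not session.is_admin:
        raise Forbidden("admin privileges required")
    if params["action"] == "setValue":
        store.set(params["app"], params["key"], params["value"])
        return True
    return store.get(params["app"], params["key"])


def is_rejected(handler, session, store, params) -> bool:
    """True when the handler refuses the request (HTTP 403 equivalent)."""
    try:
        handler(session, store, params)
    except Forbidden:
        return True
    return False
```

In a deployed application the same decision belongs in a single server-side guard that every settings endpoint passes through, so that a new script cannot omit it.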
- ownCloud Server < 4.0.6 (CVE-2012-4752)
It is recommended that all instances are upgraded to ownCloud Server 4.0.7.
The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:
- Lukas Reschke – ownCloud Inc. (firstname.lastname@example.org) – Vulnerability discovery and disclosure.