Bypass received read-only share permissions using read-write reshare
Platform: ownCloud Server
Versions: 9.0.6, 9.1.2
Risk level: Medium
CVSS v3 Base Score: 6.5 (AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N)
User can upload and modify the link share contents even though the original sharer has only read-only access.
- ownCloud Server < 9.1.2 (CVE-2016-????)
- ownCloud Server < 9.0.6 (CVE-2016-????)
Make share permission check work correctly from share manager.
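The rule behind this fix, shown as an added illustration that is not ownCloud's own code: a reshare may carry only permission bits that the received share grants. The bit values are those used by the ownCloud share API (1 read, 2 update, 4 create, 8 delete, 16 share); the record fields `id`, `parent` and `permissions` and the sample data are assumptions constructed for this example.

```python
# ownCloud share permission bits (share API values).
READ, UPDATE, CREATE, DELETE, SHARE = 1, 2, 4, 8, 16
NAMES = {READ: "read", UPDATE: "update", CREATE: "create",
         DELETE: "delete", SHARE: "share"}


def check_reshare(received, requested):
    """Validate a reshare request against the share the resharer received.

    Returns (allowed, reason)."""
    if not received & SHARE:
        return False, "received share does not allow resharing"
    extra = requested & ~received  # bits requested but never granted
    if extra:
        names = [name for bit, name in NAMES.items() if extra & bit]
        return False, "reshare adds permissions: " + ", ".join(names)
    return True, "ok"


def audit(shares):
    """Flag reshares whose permissions exceed those of their parent share.

    `shares` is a list of dicts with the hypothetical keys id, parent, permissions."""
    by_id = {s["id"]: s for s in shares}
    findings = []
    for s in shares:
        parent = by_id.get(s["parent"])
        if parent is None:
            continue  # share created by the owner: nothing to compare against
        allowed, reason = check_reshare(parent["permissions"], s["permissions"])
        if not allowed:
            findings.append((s["id"], reason))
    return findings


# Constructed sample records, not taken from a real instance.
SAMPLE = [
    {"id": 1, "parent": None, "permissions": READ | SHARE},        # read-only, resharable
    {"id": 2, "parent": 1, "permissions": READ},                   # read-only link reshare
    {"id": 3, "parent": 1, "permissions": READ | UPDATE | CREATE}, # the case in this advisory
    {"id": 4, "parent": None, "permissions": READ},                # read-only, not resharable
    {"id": 5, "parent": 4, "permissions": READ},                   # reshare without share bit
]

if __name__ == "__main__":
    for share_id, reason in audit(SAMPLE):
        print(f"share {share_id}: {reason}")
```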
The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:
- Sergio Bertolin – Vulnerability discovery and disclosure.