Insecure Direct Object References in Gallery
Platform: ownCloud Server
Versions: 8.2.6, 9.0.3,
Risk level: Medium
CVSS v2 Base Score: 5 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
ownCloud was vulnerable to a insecure direct object reference. Any unauthenticated user would be able to download any image from the server if the gallery app is enabled.
- ownCloud Server < 8.2.6 (CVE-2016-5876)
- ownCloud Server < 9.0.3 (CVE-2016-5876)
The share token is verified.
The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:
- Lukas Reschke – Vulnerability discovery and disclosure.