VDB-115024 · CVE-2014-2048 · OSVDB 104494

ownCloud Server up to 5.0.14 user_openid App access control

A vulnerability has been found in ownCloud Server up to 5.0.14 (Cloud Software) and classified as critical. This vulnerability affects an unknown function of the component user_openid App. Upgrading to version 5.0.15 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

152
014

Field

source_osvdb_title1
source_osvdb1
vulnerability_discoverydate1
vulnerability_cvss3_nvd_basescore1
exploit_0day_days1

Commit Conf

100%56
90%9
98%1

Approve Conf

100%56
90%9
98%1
IDCommitedUserFieldChangeRemarksAcceptedReasonC
768696001/16/2020VulD...osvdb_titleCVE-2014-2048 - Owncloud - Owncloud - High01/16/2020accepted
100
768695901/16/2020VulD...osvdb10449401/16/2020accepted
100
768691201/16/2020VulD...discoverydate139415040001/16/2020accepted
100
768697303/27/2018VulD...cvss3_nvd_basescore9.8nist.gov03/27/2018accepted
90
768697203/27/2018VulD...0day_days148003/27/2018accepted
90
768697103/27/2018VulD...cvss3_vuldb_rcXsee CVSS documentation03/27/2018accepted
90
768697003/27/2018VulD...cvss3_vuldb_rlOsee CVSS documentation03/27/2018accepted
90
768696903/27/2018VulD...cvss3_vuldb_eXsee CVSS documentation03/27/2018accepted
90
768696803/27/2018VulD...cvss2_vuldb_rcNDsee CVSS documentation03/27/2018accepted
90
768696703/27/2018VulD...cvss2_vuldb_rlOFsee CVSS documentation03/27/2018accepted
90
768696603/27/2018VulD...cvss2_vuldb_eNDsee CVSS documentation03/27/2018accepted
90
768696503/27/2018VulD...locationWebsite03/27/2018accepted
90
768696403/27/2018VulD...openvas_familyWeb application abuses03/27/2018accepted
100
768696303/27/2018VulD...openvas_titleownCloud OpenID Access Control Bypass Vulnerability (Windows)03/27/2018accepted
100
768696203/27/2018VulD...openvas_filenamegb_owncloud_openid_access_control_bypass_vuln_win.nasl03/27/2018accepted
100
768696103/27/2018VulD...openvas_id86301303/27/2018accepted
100
768695803/27/2018VulD...cve_nvd_summaryThe user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID implementation.cve.org03/27/2018accepted
100
768695703/27/2018VulD...cve_nvd_published1522022400cve.org03/27/2018accepted
100
768695603/27/2018VulD...cve_assigned1392768000cve.org03/27/2018accepted
100
768695503/27/2018VulD...cveCVE-2014-2048cve.org03/27/2018accepted
100

46 more entries are not shown

Interested in the pricing of exploits?

See the underground prices here!