CVE-2015-4456 in Desktop Client
Resumen (Inglés)
ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, allows man-in-the-middle attackers to bypass the user's certificate distrust decision and obtain sensitive information by leveraging a self-signed certificate and a connection to a server using its own self-signed certificate.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Reservar
2015-06-09
Divulgación
2015-10-26
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 78887 | ownCloud Desktop Client ignoreSslErrors autenticación débil | 297 | No está definido | Arreglo oficial | CVE-2015-4456 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV