Summary
New vulnerabilities have been discovered in OwnCloud, a well-known sharing and collaboration software, one of which is “high” in severity.
Risk
Estimate of the vulnerability’s impact on the reference community: HIGH/ORANGE (65.12/100)1.
Type
- Information Disclosure
- Security Restrictions Bypass
Affected products and versions
OwnCloud (owncloud/core) versions prior to 10.15.0.
Mitigation actions
In line with the vendor’s statements, it is recommended to update the product to version 10.15.0 or higher.
Unique Vulnerability Identifiers
References
https://owncloud.com/security-advisories/insecure-direct-object-reference-in-external-storage
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
