The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Owncloud |
|
Configuration 1 [-]
|
No data.
References
| Link | Providers |
|---|---|
| https://owncloud.org/security/advisory/?id=oc-sa-2014-025 |
|
History
Mon, 31 Mar 2025 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Owncloud owncloud Server
|
|
| CPEs | cpe:2.3:a:owncloud:owncloud:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:7.0.2:*:*:*:*:*:*:* |
cpe:2.3:a:owncloud:owncloud_server:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:7.0.2:*:*:*:*:*:*:* |
| Vendors & Products |
Owncloud owncloud
|
Owncloud owncloud Server
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T13:33:13.568Z
Reserved: 2014-11-21T00:00:00
Link: CVE-2014-9049
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2015-02-04T18:59:08.667
Modified: 2025-04-12T10:46:40.837
Link: CVE-2014-9049
Redhat
No data.