CVE-2014-3838

Name of the Vulnerable Software and Affected Versions ownCloud Server versions prior to 5.0.16 ownCloud Server versions 6.0.x prior to 6.0.3

Description The issue allows remote authenticated users to read the names of files of other users by leveraging access to multiple accounts, due to improper permission checking.

Recommendations For ownCloud Server versions prior to 5.0.16, update to version 5.0.16 or later. For ownCloud Server versions 6.0.x prior to 6.0.3, update to version 6.0.3 or later.