PT-2017-18854 · Owncloud · Owncloud Server
Published
2017-07-17
·
Updated
2022-09-21
·
CVE-2017-9339
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
ownCloud Server versions prior to 10.0.2
Description
A logical error in the software caused the disclosure of valid share tokens for public calendars, potentially granting an attacker access to publicly shared calendars without knowing the share token.
Recommendations
For versions prior to 10.0.2, update to version 10.0.2 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Owncloud Server