PT-2021-9145 · Owncloud · Owncloud

Published

2021-02-19

Updated

2021-02-25

CVE-2020-10254

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions ownCloud versions prior to 10.4

Description An issue was discovered in ownCloud where an attacker can bypass authentication on a password-protected image by displaying its preview.

Recommendations For ownCloud versions prior to 10.4, update to version 10.4 or later to resolve the issue.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2020-10254

Affected Products

Owncloud

PT-2021-9145 · Owncloud · Owncloud

CVE-2020-10254

Weakness Enumeration

Related Identifiers

Affected Products

References · 8