Description

The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network.

Remediation

References

CVE-2014-5341

Related Vulnerabilities

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-40572)

MySQL CVE-2022-21290 Vulnerability (CVE-2022-21290)

CherryPy Other Vulnerability (CVE-2006-0847)

MySQL CVE-2019-3004 Vulnerability (CVE-2019-3004)

Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.2)

Severity

Medium

Classification

CVE-2014-5341 CWE-200

Tags

Missing Update Known Vulnerabilities