Description
index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.
Remediation
References
Related Vulnerabilities
Jenkins Incorrect Authorization Vulnerability (CVE-2018-1999003)
Resin Application Server Other Vulnerability (CVE-2004-0281)
MySQL CVE-2012-0486 Vulnerability (CVE-2012-0486)
ZenCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4322)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4283)