Description

ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not properly check permissions, which allows remote authenticated users to read the names of files of other users by leveraging access to multiple accounts.

Remediation

References

CVE-2014-3838

Related Vulnerabilities

Oracle Database Server CVE-2019-2909 Vulnerability (CVE-2019-2909)

WordPress Plugin Woocommerce User Email Verification Security Bypass (3.3.0)

WordPress Plugin Nextend Twitter Connect Cross-Site Scripting (1.5.1)

SharePoint CVE-2022-29108 Vulnerability (CVE-2022-29108)

WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114)

Severity

Medium

Classification

CVE-2014-3838 CWE-264

Tags

Missing Update Known Vulnerabilities