CVE-2012-4392

Published: Sep 5, 2012

Modified: Sep 16, 2024

PUBLISHED

Description

index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20120810 ownCloud - matching CVEs to fix information and vice versa

mailing-list

x_refsource_MLIST

[oss-security] 20120901 Re: CVE - ownCloud

mailing-list

x_refsource_MLIST

https://github.com/owncloud/core/commit/4fd069b47906ebcf83887970c732d464dbe7d37a

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-4392

Description

Affected Products

References