CVE-2012-5665

Published: Jan 3, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly restrict access to settings.php, which allows remote attackers to edit app configurations of user_webdavauth and user_ldap by editing this file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/owncloud/core/commit/c4ecbad

x_refsource_CONFIRM

57030

vdb-entry

x_refsource_BID

https://github.com/owncloud/core/commit/db7ca53

x_refsource_CONFIRM

[oss-security] 20121221 Re: CVE request: ownCloud

mailing-list

x_refsource_MLIST

http://owncloud.org/changelog/

x_refsource_CONFIRM

51614

third-party-advisory

x_refsource_SECUNIA

owncloud-settings-sec-bypass(80808)

vdb-entry

x_refsource_XF

[oss-security] 20121221 CVE request: ownCloud

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-5665

Description

Affected Products

References