Back to search
CVE-2015-7298
Published: Oct 26, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote attackers to conduct man-in-the-middle (MITM) attacks by leveraging a server using a self-signed certificate. NOTE: this vulnerability exists because of a partial CVE-2015-4456 regression.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://owncloud.org/security/advisory/?id=oc-sa-2015-016
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now