CVE-2014-9045

medium

Description

The FTP backend in user_external in ownCloud Server before 5.0.18 and 6.x before 6.0.6 allows remote attackers to bypass intended authentication requirements via a crafted password.

References

https://owncloud.org/security/advisory/?id=oc-sa-2014-022

Details

Source: MITRE

Published: 2015-02-04

Updated: 2015-02-05

Type: CWE-287

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM