CVE-2014-2055 (GCVE-0-2014-2055)

Vulnerability from cvelistv5 – Published: 2014-06-04 14:00 – Updated: 2024-08-06 09:58
VLAI
Summary
SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Severity
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public
2014-03-07 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:58:16.322Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://owncloud.org/about/security/advisories/oC-SA-2014-006/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/fruux/sabre-dav/releases/tag/1.7.11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-03-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-06-04T13:57:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://owncloud.org/about/security/advisories/oC-SA-2014-006/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/fruux/sabre-dav/releases/tag/1.7.11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-2055",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://owncloud.org/about/security/advisories/oC-SA-2014-006/",
              "refsource": "CONFIRM",
              "url": "http://owncloud.org/about/security/advisories/oC-SA-2014-006/"
            },
            {
              "name": "https://github.com/fruux/sabre-dav/releases/tag/1.7.11",
              "refsource": "CONFIRM",
              "url": "https://github.com/fruux/sabre-dav/releases/tag/1.7.11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-2055",
    "datePublished": "2014-06-04T14:00:00.000Z",
    "dateReserved": "2014-02-19T00:00:00.000Z",
    "dateUpdated": "2024-08-06T09:58:16.322Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2014-2055",
      "date": "2026-06-07",
      "epss": "0.00537",
      "percentile": "0.6788"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-2055\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-06-04T14:55:04.047\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.\"},{\"lang\":\"es\",\"value\":\"SabreDAV anterior a 1.7.11, utilizado en ownCloud Server anterior a 5.0.15 y 6.0.x anterior a 6.0.2, permite a atacantes remotos leer archivos arbitrarios, causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto a trav\u00e9s de un ataque de entidad externa XML (XXE).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.7.10\",\"matchCriteriaId\":\"9B5CDBFF-98CD-4D83-86DE-6D9DCBDEE447\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66015009-B675-48D1-832E-83DA572CE3D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD6F6A89-0929-436C-AA9D-5C9785614A91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"718E00BD-5DE6-4C26-AD7B-EBEC1F4E487A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7267D5CC-D22D-42C4-A6B8-5F7BCFCD5E78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"797523D4-B8D0-4245-9965-A968D8026304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550C2E4E-5D50-4A92-9C3D-E6FF68873876\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4537A464-215B-4022-941A-04431C8BDA3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AF82071-7199-4A62-B0D5-999D3490B3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB550531-7444-4692-B48A-36A04DFEF163\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57434880-DCFF-404A-A2C8-B10AA129D0F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E4CC09F-E145-4390-9E03-CF14ACBDA0CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36AFB445-B140-4103-8382-56D34C646E8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64543375-1EC5-432F-97B0-D09ADE2DB7C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D19C4C-3A3A-4A1B-8FA1-8A522049CDFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53CD9C93-83D6-433E-AE93-145063EC53DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2493DC42-655D-4B76-B30C-F1D19AA73645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DE58412-FCDB-4997-B5AC-9085E8222B0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"731DDDED-8D86-4EBF-889A-F26F40C4E95C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67F9D01B-E039-4209-936A-738345F7AEFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6E2E1FE-9449-464D-A6A4-ECF0775629DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7A5745B-925B-48F5-B2BC-EFB46162505C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBDA277B-087D-45F3-A380-15F648B1EAF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69FAA313-7A78-456A-BC34-BA49E391EC18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24F90183-E9FC-42C9-BE08-4A1683383736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45BBAF94-5DC7-40B0-A1DA-858D9B30FBBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C704ED-C955-4C4E-9A19-097A15DD1F76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68A00A4D-75BD-46E5-BA5C-EEFCA18EA61F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53F3EF8F-6475-4B8E-929C-5B6C2689AA29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5AA385C-6F5A-4E7F-B194-432FA1D7C5C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BB211D7-8482-44C6-BF25-06D08F651E77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5927D266-65D2-4E6E-A5E7-2F572E411B8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA0FCB53-D1BB-45FB-BC2D-FF5EDD2A980C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.7.10\",\"matchCriteriaId\":\"9B5CDBFF-98CD-4D83-86DE-6D9DCBDEE447\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66015009-B675-48D1-832E-83DA572CE3D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD6F6A89-0929-436C-AA9D-5C9785614A91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"718E00BD-5DE6-4C26-AD7B-EBEC1F4E487A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7267D5CC-D22D-42C4-A6B8-5F7BCFCD5E78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"797523D4-B8D0-4245-9965-A968D8026304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550C2E4E-5D50-4A92-9C3D-E6FF68873876\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4537A464-215B-4022-941A-04431C8BDA3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AF82071-7199-4A62-B0D5-999D3490B3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB550531-7444-4692-B48A-36A04DFEF163\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57434880-DCFF-404A-A2C8-B10AA129D0F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E4CC09F-E145-4390-9E03-CF14ACBDA0CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36AFB445-B140-4103-8382-56D34C646E8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64543375-1EC5-432F-97B0-D09ADE2DB7C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D19C4C-3A3A-4A1B-8FA1-8A522049CDFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53CD9C93-83D6-433E-AE93-145063EC53DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2493DC42-655D-4B76-B30C-F1D19AA73645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DE58412-FCDB-4997-B5AC-9085E8222B0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"731DDDED-8D86-4EBF-889A-F26F40C4E95C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67F9D01B-E039-4209-936A-738345F7AEFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6E2E1FE-9449-464D-A6A4-ECF0775629DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7A5745B-925B-48F5-B2BC-EFB46162505C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBDA277B-087D-45F3-A380-15F648B1EAF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69FAA313-7A78-456A-BC34-BA49E391EC18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24F90183-E9FC-42C9-BE08-4A1683383736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45BBAF94-5DC7-40B0-A1DA-858D9B30FBBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C704ED-C955-4C4E-9A19-097A15DD1F76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68A00A4D-75BD-46E5-BA5C-EEFCA18EA61F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53F3EF8F-6475-4B8E-929C-5B6C2689AA29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5AA385C-6F5A-4E7F-B194-432FA1D7C5C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fruux:sabredav:1.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BB211D7-8482-44C6-BF25-06D08F651E77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:*:a:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.0.14\",\"matchCriteriaId\":\"1786093A-E86B-4099-B0BE-2545E8CAFFFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D89BE316-CE49-49CB-85FB-B93C86E07276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD902884-4F28-4AF6-A8D7-A6CD15048B0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B18395A6-B385-4ADB-9278-5F59FF339F1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94834DA8-247E-4A53-A95A-708AF7F9AC4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35203A98-76CE-4475-9C4A-60E6A1990B8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B1C940B-E6FE-41D5-8313-E6498331E9F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F530C316-3FAC-4F1A-8AFA-7E9300EFDFFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14EDBCD8-08D3-4730-BA07-2F1B3E0B5FD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1368B598-A061-4AB1-8B45-4E2F87AA0CF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E3A73DB-414D-4E84-9929-CF57F31E407C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23EE5509-FF8F-42A5-9002-A9BC5A4178C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FC6B240-1040-465B-B6B1-133651A6374B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2BEBED-B273-4779-8168-7168F1B32CDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C91EB5FD-9B1C-41A3-B76F-5FC2A3FA3C10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud_server:5.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A24E2C3B-6585-482B-920B-B41B892B8D99\"}]}]}],\"references\":[{\"url\":\"http://owncloud.org/about/security/advisories/oC-SA-2014-006/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/fruux/sabre-dav/releases/tag/1.7.11\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://owncloud.org/about/security/advisories/oC-SA-2014-006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/fruux/sabre-dav/releases/tag/1.7.11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per: http://cwe.mitre.org/data/definitions/611.html\\n\\n\\\"CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\\\"\"}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.