5
CVE-2012-5607
- EPSS 0.38%
- Veröffentlicht 18.12.2012 01:55:07
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginThe "Lost Password" reset functionality in ownCloud before 4.0.9 and 4.5.0 does not properly check the security token, which allows remote attackers to change an accounts password via unspecified vectors related to a "Remote Timing Attack."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Owncloud ≫ Owncloud Server Version3.0.0
Owncloud ≫ Owncloud Server Version3.0.1
Owncloud ≫ Owncloud Server Version3.0.2
Owncloud ≫ Owncloud Server Version3.0.3
Owncloud ≫ Owncloud Server Version4.0.0
Owncloud ≫ Owncloud Server Version4.0.1
Owncloud ≫ Owncloud Server Version4.0.2
Owncloud ≫ Owncloud Server Version4.0.3
Owncloud ≫ Owncloud Server Version4.0.4
Owncloud ≫ Owncloud Server Version4.0.5
Owncloud ≫ Owncloud Server Version4.0.6
Owncloud ≫ Owncloud Server Version4.0.7
Owncloud ≫ Owncloud Server Version4.5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.563 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|