CRITICAL🇵🇱 Wersja polska

CVE-2023-49105

CVSS 9.8v3.1pub. 2023-11-21upd. 2025-04-02

An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0.

🤖 AI Analysis
How it works

The vulnerability results from improper handling of pre-signed URLs in the WebDAV API. The system accepts requests signed with a pre-signed URL even when the file owner does not have a signing-key configured. An attacker can craft such a request by providing only the known login of the victim and gain full access to their resources without providing a password or authentication token.

Impact

An attacker can without authentication read, modify, or permanently delete any files belonging to a user whose username is known to them — resulting in complete compromise of data confidentiality, integrity, and availability.

Mitigation & patch

Update ownCloud Server to version 10.13.1 or later. As a workaround, you can configure a signing-key for each user account. Details in the vendor's official security advisory: https://owncloud.com/security-advisories/webdav-api-authentication-bypass-using-pre-signed-urls/

Who is affected

ownCloud Server versions 10.6.0 through 10.13.0 (versions before 10.13.1)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Owncloud Server

    APP
    Owncloud
    10.6.0 – 10.13.1 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2014-2052CRITICAL9.8ten sam produkt

Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to re...

CVE-2016-1499HIGH8.5ten sam produkt

ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to ...

CVE-2015-7699HIGH9.0ten sam produkt

The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8.0.7, and 8.1.x before 8.1.2 allows remo...

CVE-2015-6500HIGH7.5ten sam produkt

Directory traversal vulnerability in ownCloud Server before 8.0.6 and 8.1.x before 8.1.1 allows remote authent...

CVE-2015-4716HIGH10.0ten sam produkt

Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8....