.jpg)
The maintainers of ownCloud, a popular open-source file-sharing software, have recently issued an alert regarding three critical security flaws that could have severe consequences. The flaws have become known through a recent announcement by ownCloud’s maintainers.
Several vulnerabilities in ownCloud pose a significant risk to the security and privacy of users, as they could allow sensitive information to be exposed and files to be modified unauthorized, compromising the security and privacy of users in ownCloud.
A CVSS score of 10.0 has been assigned to the first vulnerability, which affects containerized deployments. This vulnerability requires the disclosure of sensitive credentials and configurations in order to exploit it. An important flaw in graphapi versions ranging for 0.2.0 to 0.3.0 has been exploited against graphapi.
If an attacker is able to access a particular URL, crucial details about a PHP environment, including variables used to control a web server, could be revealed. The environment variables of containerized deployments may contain sensitive data such as the administrator password for the OwnCloud system, the credentials for the email server, and the license key for the software.
Among the three critical security vulnerabilities that have been discover
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: