CVE-2015-5955

ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers.

Published: Oct 29, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-5955
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-522

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
owncloud / owncloud	-	3.4.4

https://owncloud.org/security/advisory/?id=oc-sa-2015-013

Vulnerability Database

289,697

CVE-2015-5955