Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2017-5865 - Vulnerability Database
ownCloud

ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2017-5865

Low
Reference: CVE-2017-5865
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-5865
Title: ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The password reset functionality in ownCloud Server before 8.1.11 8.2.x before 8.2.9 9.0.x before 9.0.7 and 9.1.x before 9.1.3 sends different error messages depending on whether the username is valid which allows remote attackers to enumerate user names via a large number of password reset attempts.