ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5341)
Description
The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network.