CVE-2013-2039 — Path Traversal in Owncloud

CWE-22 — Path Traversal7 documents5 sources

Severity

4.0MEDIUMNVD

EPSS

0.1%

top 69.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Owncloud Owncloud Server

Timeline

PublishedMar 14

Latest updateMay 17

Description

Directory traversal vulnerability in lib/files/view.php in ownCloud before 4.0.15, 4.5.x 4.5.11, and 5.x before 5.0.6 allows remote authenticated users to access arbitrary files via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages3 packages

▶Ubuntuowncloud/owncloud< 6.0.1+dfsg-1ubuntu1

▶NVDowncloud/owncloud4.0.14

▶NVDowncloud/owncloud_server30 versions+29

Patches

Patch: owncloud.org ↗Patch: owncloud.org ↗

🔴Vulnerability Details

GHSA

GHSA-f8f3-c8c7-jrwc: Directory traversal vulnerability in lib/files/view↗2022-05-17

▶

OSV

CVE-2013-2039: Directory traversal vulnerability in lib/files/view↗2014-03-14

▶

CVEList

CVE-2013-2039: Directory traversal vulnerability in lib/files/view↗2014-03-14

▶

💬Community

Bugzilla

CVE-2013-2039 CVE-2013-2040 CVE-2013-2042 CVE-2013-2043 CVE-2013-2046 owncloud: multiple flaws corrected in version 4.5.11↗2013-05-14

▶

Bugzilla

CVE-2013-2039 CVE-2013-2040 CVE-2013-2042 CVE-2013-2043 CVE-2013-2046 owncloud: multiple flaws corrected in version 4.5.11 [fedora-18]↗2013-05-14

▶

Bugzilla

CVE-2013-2039 CVE-2013-2040 CVE-2013-2042 CVE-2013-2043 CVE-2013-2046 owncloud: multiple flaws corrected in version 4.5.11 [epel-6]↗2013-05-14

▶