cbcvebase.
CVE-2013-2047
published 2014-03-14

CVE-2013-2047: The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for…

PriorityP413low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.37%
29.3th percentile
The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password.

Affected

7 ranges
VendorProductVersion rangeFixed in
owncloudowncloud<= 5.0.5
owncloudowncloud>= 0 < 6.0.1+dfsg-1ubuntu16.0.1+dfsg-1ubuntu1
owncloudowncloud_server
owncloudowncloud_server
owncloudowncloud_server
owncloudowncloud_server
owncloudowncloud_server

CVSS provenance

nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
osv2.1LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.