CVE-2013-2047
published 2014-03-14CVE-2013-2047: The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for…
PriorityP413low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.37%
29.3th percentile
The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| owncloud | owncloud | <= 5.0.5 | — |
| owncloud | owncloud | >= 0 < 6.0.1+dfsg-1ubuntu1 | 6.0.1+dfsg-1ubuntu1 |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
CVSS provenance
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
osv2.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-ghx4-6p9g-2pf5: The login page (aka index
ghsa_unreviewed·2022-05-17
CVE-2013-2047 [LOW] GHSA-ghx4-6p9g-2pf5: The login page (aka index
The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password.
OSV
CVE-2013-2047: The login page (aka index
osv·2014-03-14·CVSS 2.1
CVE-2013-2047 [LOW] CVE-2013-2047: The login page (aka index
The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2014-03-14
Published