November 28, 2023 at 11:16AM Hackers are actively exploiting a critical vulnerability in the ownCloud file synchronization software that could lead to data breaches. The flaw, tracked as CVE-2023-49103, allows attackers to access sensitive information such as admin passwords, mail server credentials, and license keys. The vulnerability affects both containerized and non-containerized deployments, and administrators … Read more
November 28, 2023 at 10:00AM Threat actors are actively exploiting a critical information disclosure vulnerability in ownCloud’s Graphapi app. The vulnerability allows attackers to retrieve sensitive credentials and system information. The flaw affects Graphapi versions 0.2.0 to 0.3.0 and cannot be mitigated by disabling the app alone. Administrators are urged to follow the mitigation steps … Read more
November 27, 2023 at 01:34PM ownCloud has disclosed three critical vulnerabilities, including sensitive data exposure and authentication bypass flaws. The vulnerabilities affect containerized deployments, exposing admin passwords, mail server credentials, and license keys. Customers are advised to delete a specific file, change their secrets, and deny the use of pre-signed URLs. ownCloud is taking steps … Read more
November 27, 2023 at 11:36AM Open-source file-sharing software ownCloud has been found to have critical vulnerabilities that could expose sensitive information and allow authentication bypass. The most severe vulnerability affects the graphapi app and reveals important PHP environment details, including sensitive data like admin passwords and license keys. Another vulnerability allows unauthorized access, modification, and … Read more
November 24, 2023 at 11:30PM The open-source file-sharing software ownCloud has warned users about three critical security flaws that could expose sensitive information and allow for file modification. The vulnerabilities involve disclosure of credentials and configuration, authentication bypass, and subdomain validation bypass. The company recommends specific fixes for each flaw. Additionally, a critical remote code … Read more
November 24, 2023 at 01:20PM Open-source file sharing software ownCloud has issued warnings about three critical security vulnerabilities. The first flaw exposes administrator passwords and mail server credentials. The second flaw allows unauthorized access to files without authentication. The third flaw bypasses subdomain validation in the OAuth2 library. Users are advised to apply recommended fixes … Read more