CVE-2013-2046

Published Mar 9, 2014

Last updated 6 days ago

CVSS info 6.5

Overview

Description: SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Source: secalert@redhat.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56D46962-C2C4-4468-9DB0-15AFF4FE8032"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8577131-CCE2-4B98-8763-8F99E267BD5B"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79A6F6FF-7E31-4337-93E0-ED05D3D698D4"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C21E9F9A-5734-4819-8845-E82ADC29ABD2"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D57EBB84-E1B2-44F4-BD7B-8D4A79A2E2D3"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E90708D-CA85-4034-ADA7-72522812CEF6"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA2C4F18-4056-4ED3-B1E7-C945849FE97C"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE1FA818-0C13-4F41-9AF8-F31B035491F4"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F48864EB-2863-4C12-8F3B-DC90C29F6719"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CACD6812-4C89-46C9-B483-96829102157F"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4959B6D-08B3-4A88-A30D-AE2431085D3B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D89BE316-CE49-49CB-85FB-B93C86E07276"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD902884-4F28-4AF6-A8D7-A6CD15048B0C"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B18395A6-B385-4ADB-9278-5F59FF339F1F"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94834DA8-247E-4A53-A95A-708AF7F9AC4E"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35203A98-76CE-4475-9C4A-60E6A1990B8A"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B1C940B-E6FE-41D5-8313-E6498331E9F5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References