- Description
- An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Data from CISA
- Vulnerability name
- ownCloud graphapi Information Disclosure Vulnerability
- Exploit added on
- Nov 30, 2023
- Exploit action due
- Dec 21, 2023
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- nvd@nist.gov
- NVD-CWE-noinfo
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-200
Hackers are widely exploiting the vulnerability identified as CVE-2022-47945, which relates to the ThinkPHP product, and the vulnerability identified as CVE-2023-49103, which relates to ownCloud, to hack systems and networks on a large scale. https://t.co/Poz3aKY03t https://t.co/YfTpF0Hvci
@AmirHossein_sec
14 Feb 2025
Surge in attacks exploiting old ThinkPHP and ownCloud flaws: https://t.co/71LPtJ7XYz Increased attacks are targeting vulnerabilities CVE-2022-47945 and CVE-2023-49103 in ThinkPHP and ownCloud, respectively. CVE-2022-47945, a local file inclusion flaw, allows unauthenticated… htt
@securityRSS
13 Feb 2025
🚨 Exploitation of vulnerabilities in ThinkPHP (CVE-2022-47945) and OwnCloud (CVE-2023-49103) is on the rise, posing serious risks. Patching is crucial to protect systems. #ThinkPHP #OwnCloud #USA link: https://t.co/6sWifYZFmh https://t.co/tvJRQ37zkG
@TweetThreatNews
13 Feb 2025
ThinkPHP (CVE-2022-47945) and ownCloud (CVE-2023-49103) are seeing a surge in exploitation attempts despite patches being available for years. GreyNoise reports over 1,000 unique IPs actively targeting these vulnerabilities. #Cybersécurité #threats
@DCryptaris86649
13 Feb 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:owncloud:graph_api:0.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4FB1ADA-F2C3-4632-A5ED-36BCE73CDA96"
          },
          {
            "criteria": "cpe:2.3:a:owncloud:graph_api:0.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B2F54D9-20AF-4161-8104-CD80A3D39BB0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]