{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-04-19T00:00:00", "descriptions": [{"lang": "en", "value": "The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-03-14T15:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-023/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-2047", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://owncloud.org/about/security/advisories/oC-SA-2013-023/", "refsource": "CONFIRM", "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-023/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:20:37.449Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-023/"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-2047", "datePublished": "2014-03-14T16:00:00", "dateReserved": "2013-02-19T00:00:00", "dateUpdated": "2024-08-06T15:20:37.449Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "91C054D8-4161-4B1A-A7C2-BC9CF9C40FDC", "versionEndIncluding": "5.0.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D89BE316-CE49-49CB-85FB-B93C86E07276", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD902884-4F28-4AF6-A8D7-A6CD15048B0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B18395A6-B385-4ADB-9278-5F59FF339F1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "94834DA8-247E-4A53-A95A-708AF7F9AC4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "35203A98-76CE-4475-9C4A-60E6A1990B8A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password."}, {"lang": "es", "value": "La p\u00e1gina de inicio de sesi\u00f3n (tambi\u00e9n conocido como index.php) en ownCloud anterior a 5.0.6 no deshabilita la configuraci\u00f3n de autocompletar para el par\u00e1metro password, lo que facilita a atacantes f\u00edsicamente pr\u00f3ximos adivinar la contrase\u00f1a."}], "id": "CVE-2013-2047", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-03-14T16:55:05.443", "references": [{"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-023/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-023/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}