Description
Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2014-2099 | Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors. |
References
History
Mon, 31 Mar 2025 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Owncloud owncloud Server
|
|
| CPEs | cpe:2.3:a:owncloud:owncloud_server:6.0.0:*:*:*:*:*:*:* | |
| Vendors & Products |
Owncloud owncloud Server
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T09:58:16.220Z
Reserved: 2014-02-19T00:00:00.000Z
Link: CVE-2014-2047
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2014-03-14T16:55:05.613
Modified: 2025-04-12T10:46:40.837
Link: CVE-2014-2047
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses