Security News > 2023 > November > Hackers start exploiting critical ownCloud flaw, patch now

Hackers start exploiting critical ownCloud flaw, patch now
2023-11-28 16:14

Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments.

Of the three flaws, CVE-2023-49103 received a maximum CVSS severity score of 10.0 as it allows a remote threat actor to execute phpinfo() through the ownCloud 'graphapi' app, which reveals the server's environment variables, including credentials stored within them.

"In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key," reads the CVE-2023-49103 advisory.

Leveraging CVE-2023-49103 for data theft attacks isn't complicated, and threat actors have already been discovered exploiting the flaw in attacks.

Php' file, disable the 'phpinfo' function in Docker containers, and change potentially exposed secrets like the ownCloud admin password, mail server, database credentials, and Object-Store/S3 access keys.

Critical bug in ownCloud file sharing app exposes admin passwords.


News URL

https://www.bleepingcomputer.com/news/security/hackers-start-exploiting-critical-owncloud-flaw-patch-now/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-11-21 CVE-2023-49103 Unspecified vulnerability in Owncloud Graph API 0.2.0/0.3.0
An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1.
network
low complexity
owncloud
7.5
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Owncloud 9 3 41 11 4 59