Security News > 2023 > November > Hackers start exploiting critical ownCloud flaw, patch now
Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments.
Of the three flaws, CVE-2023-49103 received a maximum CVSS severity score of 10.0 as it allows a remote threat actor to execute phpinfo() through the ownCloud 'graphapi' app, which reveals the server's environment variables, including credentials stored within them.
"In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key," reads the CVE-2023-49103 advisory.
Leveraging CVE-2023-49103 for data theft attacks isn't complicated, and threat actors have already been discovered exploiting the flaw in attacks.
Php' file, disable the 'phpinfo' function in Docker containers, and change potentially exposed secrets like the ownCloud admin password, mail server, database credentials, and Object-Store/S3 access keys.
Critical bug in ownCloud file sharing app exposes admin passwords.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-21 | CVE-2023-49103 | Unspecified vulnerability in Owncloud Graph API 0.2.0/0.3.0 An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. | 7.5 |