Vulnerabilities > CVE-2020-10252 - Server-Side Request Forgery (SSRF) vulnerability in Owncloud

047910
CVSS 8.3 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
LOW
Availability impact
HIGH
network
low complexity
owncloud
CWE-918

Summary

An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack.

Vulnerable Configurations

Part Description Count
Application
Owncloud
601

Common Weakness Enumeration (CWE)