Lucene search
HistoryJun 04, 2014 - 2:55 p.m.
CVE-2014-2055
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.005
Percentile
77.0%
SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Affected configurations
Node
fruuxsabredavRange≤1.7.10
ORfruuxsabredavMatch1.6.0
ORfruuxsabredavMatch1.6.1
ORfruuxsabredavMatch1.6.2
ORfruuxsabredavMatch1.6.3
ORfruuxsabredavMatch1.6.4
ORfruuxsabredavMatch1.6.5
ORfruuxsabredavMatch1.6.6
ORfruuxsabredavMatch1.6.7
ORfruuxsabredavMatch1.6.8
ORfruuxsabredavMatch1.6.9
ORfruuxsabredavMatch1.6.10
ORfruuxsabredavMatch1.7.0
ORfruuxsabredavMatch1.7.1
ORfruuxsabredavMatch1.7.2
ORfruuxsabredavMatch1.7.3
ORfruuxsabredavMatch1.7.4
ORfruuxsabredavMatch1.7.5
ORfruuxsabredavMatch1.7.6
ORfruuxsabredavMatch1.7.7
ORfruuxsabredavMatch1.7.8
ORfruuxsabredavMatch1.7.9
ORfruuxsabredavMatch1.8.0
ORfruuxsabredavMatch1.8.1
ORfruuxsabredavMatch1.8.2
ORfruuxsabredavMatch1.8.3
ORfruuxsabredavMatch1.8.4
ORfruuxsabredavMatch1.8.5
ORfruuxsabredavMatch1.8.6
ORfruuxsabredavMatch1.8.7
ORfruuxsabredavMatch1.8.9
ORowncloudowncloudMatch6.0.0
ORowncloudowncloudMatch6.0.1
Node
fruuxsabredavRange≤1.7.10
ORfruuxsabredavMatch1.6.0
ORfruuxsabredavMatch1.6.1
ORfruuxsabredavMatch1.6.2
ORfruuxsabredavMatch1.6.3
ORfruuxsabredavMatch1.6.4
ORfruuxsabredavMatch1.6.5
ORfruuxsabredavMatch1.6.6
ORfruuxsabredavMatch1.6.7
ORfruuxsabredavMatch1.6.8
ORfruuxsabredavMatch1.6.9
ORfruuxsabredavMatch1.6.10
ORfruuxsabredavMatch1.7.0
ORfruuxsabredavMatch1.7.1
ORfruuxsabredavMatch1.7.2
ORfruuxsabredavMatch1.7.3
ORfruuxsabredavMatch1.7.4
ORfruuxsabredavMatch1.7.5
ORfruuxsabredavMatch1.7.6
ORfruuxsabredavMatch1.7.7
ORfruuxsabredavMatch1.7.8
ORfruuxsabredavMatch1.7.9
ORfruuxsabredavMatch1.8.0
ORfruuxsabredavMatch1.8.1
ORfruuxsabredavMatch1.8.2
ORfruuxsabredavMatch1.8.3
ORfruuxsabredavMatch1.8.4
ORfruuxsabredavMatch1.8.5
ORfruuxsabredavMatch1.8.6
ORfruuxsabredavMatch1.8.7
ORfruuxsabredavMatch1.8.9
ORowncloudowncloudRange≤5.0.14a
ORowncloudowncloudMatch5.0.0
ORowncloudowncloudMatch5.0.1
ORowncloudowncloudMatch5.0.2
ORowncloudowncloudMatch5.0.3
ORowncloudowncloudMatch5.0.4
ORowncloudowncloudMatch5.0.5
ORowncloudowncloudMatch5.0.6
ORowncloudowncloudMatch5.0.7
ORowncloudowncloudMatch5.0.8
ORowncloudowncloudMatch5.0.9
ORowncloudowncloudMatch5.0.10
ORowncloudowncloudMatch5.0.11
ORowncloudowncloudMatch5.0.12
ORowncloudowncloudMatch5.0.13
ORowncloudowncloudMatch5.0.14
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fruux | sabredav | * | cpe:2.3:a:fruux:sabredav:*:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.0 | cpe:2.3:a:fruux:sabredav:1.6.0:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.1 | cpe:2.3:a:fruux:sabredav:1.6.1:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.2 | cpe:2.3:a:fruux:sabredav:1.6.2:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.3 | cpe:2.3:a:fruux:sabredav:1.6.3:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.4 | cpe:2.3:a:fruux:sabredav:1.6.4:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.5 | cpe:2.3:a:fruux:sabredav:1.6.5:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.6 | cpe:2.3:a:fruux:sabredav:1.6.6:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.7 | cpe:2.3:a:fruux:sabredav:1.6.7:*:*:*:*:*:*:* |
| fruux | sabredav | 1.6.8 | cpe:2.3:a:fruux:sabredav:1.6.8:*:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2014-2055
2014-06-04 14:55:04
github
github
XXE in SabreDAV
2022-05-17 04:42:42
cvelist
cvelist
CVE-2014-2055
2014-06-04 14:00:00
friendsofphp
friendsofphp
XEE issue that could expose local files or easily trigger a DOS attack.
2014-02-26 22:13:46
cve
cve
CVE-2014-2055
2014-06-04 14:55:04
prion
prion
Xxe
2014-06-04 14:55:00
ubuntucve
ubuntucve
CVE-2014-2055
2014-06-04 00:00:00
osv
osv
XXE in SabreDAV
2022-05-17 04:42:42
owncloud
owncloud
Server: XXE in multiple third party components
2014-07-03 02:00:00
XXE in multiple third party components - ownCloud
2014-07-03 18:22:45
openvas
openvas
ownCloud Multiple Vulnerabilities-02 (Jul 2014)
2014-07-03 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.005
Percentile
77.0%
Related for NVD:CVE-2014-2055