Lucene search

[email protected]NVD:CVE-2015-7698

HistoryOct 21, 2015 - 6:59 p.m.

CVE-2015-7698

2015-10-2118:59:06

CWE-78

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.005

Percentile

76.1%

JSON

icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the (1) listShares function in Server.php or the (2) connect or (3) read function in Share.php.

Affected configurations

Nvd

Node

owncloudsmbRange≤1.0.2

Node

owncloudowncloudRange≤8.1.1

VendorProductVersionCPE
owncloudsmb*cpe:2.3:a:owncloud:smb:*:*:*:*:*:*:*:*
owncloudowncloud*cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
owncloud	smb	*	cpe:2.3:a:owncloud:smb::::::::
owncloud	owncloud	*	cpe:2.3:a:owncloud:owncloud::::::::

References

github.com/icewind1991/SMB/commit/33ab10cc4d5c3e48cba3a074b5f9fc67590cd032

owncloud.org/security/advisory/?id=oc-sa-2015-017

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.005

Percentile

76.1%

JSON

Related for NVD:CVE-2015-7698

owncloud2 prion1 cvelist1 ubuntucve1 openvas1 cve1