Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2015-7298

Published: 26/10/2015 Updated: 16/06/2021
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Owncloud

Vulnerability Summary

ownCloud Desktop Client prior to 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote malicious users to conduct man-in-the-middle (MITM) attacks by leveraging a server using a self-signed certificate. NOTE: this vulnerability exists because of a partial CVE-2015-4456 regression.

Vulnerable Product Search on Vulmon Subscribe to Product

owncloud owncloud desktop client

qt qt 5.4.1

qt qt 5.3.0

References

NVD-CWE-Otherhttps://owncloud.org/security/advisory/?id=oc-sa-2015-016https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook