Authentication Bypass Vulnerability in ownCloud 4.0.7

CVE-2012-4392 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.

Learn more about our Cloud Audit.