Insecure RSA Host Key Validation in ownCloud Server

Insecure RSA Host Key Validation in ownCloud Server

CVE-2014-5341 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network.

Learn more about our Cis Benchmark Audit For Server Software.