CVE-2015-5955

ownCloud iOS <3.4.4 - Info Disclosure

Title source: llm

Description

ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers.

References (1)

[Broken Link, Vendor Advisory] https://owncloud.org/security/advisory/?id=oc-sa-2015-013

Scores

EPSS 0.0020

EPSS Percentile 42.4%

Classification

CWE

CWE-522

Status draft

Affected Products (1)

owncloud/owncloud_client < 3.4.4

Timeline

Published Oct 29, 2015

Tracked Since Feb 18, 2026