Security Advisory

CVE-2017-5865

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-03-03 15:00:00

Last updated 2024-08-05 15:11:49

Assigner mitre

State PUBLISHED

Description

The password reset functionality in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 sends different error messages depending on whether the username is valid, which allows remote attackers to enumerate user names via a large number of password reset attempts.

← Browse all CVEs View on cve.org ↗