Vulnerability Description
The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8.0.7, and 8.1.x before 8.1.2 allows remote authenticated users to instantiate arbitrary classes and possibly execute arbitrary code via a crafted mount point option, related to "objectstore."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Owncloud | Owncloud Server | 7.0.0 |
Related Weaknesses (CWE)
References
- http://www.debian.org/security/2015/dsa-3373
- https://github.com/owncloud/core/pull/18558
- https://owncloud.org/security/advisory/?id=oc-sa-2015-018Vendor Advisory
- http://www.debian.org/security/2015/dsa-3373
- https://github.com/owncloud/core/pull/18558
- https://owncloud.org/security/advisory/?id=oc-sa-2015-018Vendor Advisory
FAQ
What is CVE-2015-7699?
CVE-2015-7699 is a vulnerability with a CVSS score of 9.0 (HIGH). The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8.0.7, and 8.1.x before 8.1.2 allows remote authenticated users to instantiate arbitrary classes and possibly execute arbitrary cod...
How severe is CVE-2015-7699?
CVE-2015-7699 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7699?
Check the references section above for vendor advisories and patch information. Affected products include: Owncloud Owncloud Server.