COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-49103

CVE-2023-49103

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-11-30
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-49103
⌖ exploited in the wild shame 50/100 exploited-in-wild

ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() via GetPhpInfo.php, including administrative credentials.

Players implicated

ownCloud · vendorownCloud graphapi · product

Description

ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() via GetPhpInfo.php, including administrative credentials.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.