VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 24, 2013· Updated Apr 29, 2026

CVE-2013-6403

CVE-2013-6403

Description

ownCloud before 5.0.13 allows remote attackers to bypass admin page access restrictions via unspecified vectors related to MariaDB.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

ownCloud before 5.0.13 allows remote attackers to bypass admin page access restrictions via unspecified vectors related to MariaDB.

Vulnerability

The admin page in ownCloud versions before 5.0.13 contains an unspecified access restriction bypass vulnerability related to MariaDB [1][2]. The exact code path and conditions are not publicly detailed, but the issue is triggered under certain circumstances involving MariaDB.

Exploitation

An attacker with network access to the ownCloud instance can exploit this vulnerability to bypass intended access controls on the admin page. The specific prerequisites (e.g., authentication status, MariaDB configuration) are not disclosed in the available references [1].

Impact

Successful exploitation allows the attacker to gain unauthorized access to the ownCloud admin page, potentially leading to full administrative control over the ownCloud instance, including data access and configuration changes.

Mitigation

The vulnerability is fixed in ownCloud version 5.0.13, released on November 28, 2013 [1][2]. Users should upgrade to this version or later. No workarounds are documented.

References
  1. security - Re: CVE Request: ownCloud security bypass on admin page
  2. Changelog - ownCloud

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

14
  • OwnCloud/Owncloud2 versions
    cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*range: <=5.0.12
    • (no CPE)range: <5.0.13
  • OwnCloud/Server12 versions
    cpe:2.3:a:owncloud:owncloud_server:5.0.0:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:owncloud:owncloud_server:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:5.0.9:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.