Unrated severityNVD Advisory· Published May 20, 2021· Updated Aug 3, 2024
CVE-2021-29659
CVE-2021-29659
Description
ownCloud 10.7 has an incorrect access control vulnerability, leading to remote information disclosure. Due to a bug in the related API endpoint, the attacker can enumerate all users in a single request by entering three whitespaces. Secondary, the retrieval of all users on a large instance could cause higher than average load on the instance.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ownCloud/ownClouddescription
Patches
Vulnerability mechanics
References
2- doc.owncloud.com/server/admin_manual/release_notes.htmlmitrex_refsource_MISC
- owncloud.com/security-advisories/cve-2021-29659/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.