{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-04-18T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-03-14T15:57:01.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-018/"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:20:37.471Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-018/"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-1963", "datePublished": "2014-03-14T16:00:00.000Z", "dateReserved": "2013-02-19T00:00:00.000Z", "dateUpdated": "2024-08-06T15:20:37.471Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "C844D624-9B76-43B8-BD1A-A2743F1CF42C", "versionEndIncluding": "4.5.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "56D46962-C2C4-4468-9DB0-15AFF4FE8032", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8577131-CCE2-4B98-8763-8F99E267BD5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "79A6F6FF-7E31-4337-93E0-ED05D3D698D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C21E9F9A-5734-4819-8845-E82ADC29ABD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "D57EBB84-E1B2-44F4-BD7B-8D4A79A2E2D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "2E90708D-CA85-4034-ADA7-72522812CEF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "FA2C4F18-4056-4ED3-B1E7-C945849FE97C", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "DE1FA818-0C13-4F41-9AF8-F31B035491F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "F48864EB-2863-4C12-8F3B-DC90C29F6719", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D89BE316-CE49-49CB-85FB-B93C86E07276", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD902884-4F28-4AF6-A8D7-A6CD15048B0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B18395A6-B385-4ADB-9278-5F59FF339F1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "94834DA8-247E-4A53-A95A-708AF7F9AC4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "35203A98-76CE-4475-9C4A-60E6A1990B8A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors."}, {"lang": "es", "value": "La aplicaci\u00f3n de contactos en ownCloud anterior a 4.5.10 y 5.x anterior a 5.0.5 no comprueba debidamente la propiedad de contactos, lo que permite a usuarios remotos autenticados descargar contactos arbitrarios a trav\u00e9s de vectores no especificados."}], "id": "CVE-2013-1963", "lastModified": "2026-05-06T22:30:45.220", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-03-14T16:55:04.990", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-018/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-018/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}