- Risk: medium
- CVSS v3 Base Score: 4.0
- CVSS v3 Vector: AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/CR:X/IR:X/AR:X
- CWE ID: 284
- CWE Name: Improper Access Control
- CVE: CVE-2024-26322
Description
Improper validation in the Biometric authentication process may allow an attacker to bypass that process and gain unauthorized access. This attack requires physical access to the vulnerable device.
Affected
- ownCloud for Android (com.owncloud.android) < 4.2.0
Action taken
Upgrade ownCloud for Android to version 4.2.0 or above