Contact
Search Get started

ownCloud Android App lock bypass

Mar 17, 2022

  • Risk: low
  • CVSS v3 Base Score: 5.3
  • CVSS v3 Vector: AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
  • CWE ID: CWE-284
  • CWE Name: CWE-284: Improper Access Control
  • CVE: CVE-2022-25338

Description

An attacker with physical access to the device could bypass the app lock of the ownCloud Android App.

Affected

  • ownCloud Android app < 2.20

Action taken

Properly implement the lock screen