Platform: Mobile Clients
- Risk: low
- CVSS v3 Base Score: 3.9
- CVSS v3 Vector: AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
- CWE ID: CWE-312
- CWE Name: Cleartext Storage of Sensitive Information
Given an attacker has physical access, creating a backup of the ownCloud Android app via adb provides access to the app preferences file.
Contained in the file were settings related to the app lock feature such as the pincode/pattern and if the respective lock is active. An attacker could change the values and restore the backup to the device which allows the attacker to circumvent the lock.
– ownCloud Android App version < 2.15
Disallow back up of app data
Your secure file platform
Boost your productivity and enable collaboration within your organization.
The backbone of secure file sharing
Our software as a service solution. Hosted securely in Germany.
Ready in a glimpse.
Download Mobile Apps
Bring your productivity game to the next level. Download our Android or iOS app from the app stores.