CVE-2022-43679 MEDIUM

CVE-2022-43679

Vendor N/A
Product n/a
Published November 10, 2022
Last update May 1, 2025

CVSS base score

4.2/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AC:H/AV:N/A:N/C:L/I:L/PR:N/S:U/UI:R

What the vulnerability does

01Description

The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. This could be abused to spoof the URL in password-reset e-mail messages.

Key dates

02Disclosure timeline

November 10, 2022 CVE published
May 1, 2025 Record updated