CVE-2020-28645 : What You Need to Know

Learn about CVE-2020-28645 where deleting users with specific names in ownCloud/core versions < 10.6 can lead to the deletion of critical system files. Find mitigation steps and preventive measures here.

Deleting users with certain names in ownCloud/core versions < 10.6 can lead to system files being deleted.

Understanding CVE-2020-28645

Deleting users with specific names can trigger the deletion of system files. The risk is higher on systems that allow users to self-register and that keep the data directory inside the web root.

What is CVE-2020-28645?

This vulnerability in ownCloud/core versions < 10.6 allows malicious users to delete system files by abusing the deletion of user accounts that have certain names.

The Impact of CVE-2020-28645

The vulnerability can result in the unintended deletion of critical system files, potentially leading to system instability or data loss.

Technical Details of CVE-2020-28645

Deleting users with specific names triggers the deletion of system files, affecting the system's integrity and security.

Vulnerability Description

Deleting users with certain names can cause the deletion of critical system files, compromising system stability and data integrity.

Affected Systems and Versions

ownCloud/core versions < 10.6 are vulnerable to this issue.

Exploitation Mechanism

Malicious users exploit the user deletion functionality, using accounts with specific names, to delete system files.

Mitigation and Prevention

Taking immediate steps and implementing long-term security practices are crucial to mitigate the risks associated with CVE-2020-28645.

Immediate Steps to Take

- Upgrade ownCloud/core to version 10.6 or higher to patch the vulnerability.
- Restrict user deletion permissions to trusted administrators only.
- Regularly monitor user activities for suspicious behavior.
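To prioritise the upgrade across several installations, the risk factors named above (version below 10.6, data directory inside the web root, self-registration) can be checked per host. The following is an added example, not code from ownCloud or from this page; it assumes the administrator supplies the installed version string, the web root, the `datadirectory` value from the installation's configuration, and whether self-registration is enabled, and all sample values are constructed.

```python
import posixpath
import re

FIXED_VERSION = (10, 6)  # the page lists ownCloud/core < 10.6 as affected


def parse_version(version_string):
    """Return the leading dotted number of a version string as a tuple of ints."""
    match = re.match(r"\s*(\d+(?:\.\d+)+)", version_string)
    if not match:
        raise ValueError(f"unrecognised version string: {version_string!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def is_inside(path, parent):
    """True if absolute POSIX `path` is `parent` or lies beneath it.

    Lexical check only: on a live host, resolve symlinks before calling this.
    """
    path, parent = posixpath.normpath(path), posixpath.normpath(parent)
    return posixpath.commonpath([path, parent]) == parent


def assess(version_string, web_root, data_directory, self_registration):
    """List the CVE-2020-28645 risk factors that apply to one installation."""
    findings = []
    if parse_version(version_string)[:2] >= FIXED_VERSION:
        return findings  # patched release: nothing to report
    findings.append("affected-version")
    if is_inside(data_directory, web_root):
        findings.append("data-directory-in-web-root")
    if self_registration:
        findings.append("self-registration-enabled")
    return findings


if __name__ == "__main__":
    # Constructed inventory rows: (host, version, web root, data dir, self-registration)
    inventory = [
        ("oc-a", "10.5.0", "/var/www/owncloud", "/var/www/owncloud/data", True),
        ("oc-b", "10.4.1.3", "/var/www/owncloud", "/srv/ocdata", False),
        ("oc-c", "10.6.0", "/var/www/owncloud", "/var/www/owncloud/data", True),
    ]
    for host, *facts in inventory:
        print(host, assess(*facts) or "not affected")
```

Hosts that report all three findings match the higher-risk configuration described above and should be upgraded first.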

Long-Term Security Practices

- Implement strong access controls and user validation mechanisms.
- Conduct regular security audits and penetration testing to identify and address vulnerabilities.

Patching and Updates

Stay informed about security advisories and promptly apply patches released by ownCloud to address known vulnerabilities.
