Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments.
ownCloud is a widely used open-source file synchronization and sharing solution designed for those who wish to manage and share data through a self-hosted platform.
On November 21, the software's developers
published security bulletins for three vulnerabilities that could lead to data breaches, urging ownCloud administrators to apply the recommended mitigations immediately.
Of the three flaws,
CVE-2023-49103 received a maximum CVSS severity score of 10.0 as it allows a remote threat actor to execute
phpinfo() through the ownCloud 'graphapi' app, which reveals the server's environment variables, including credentials stored within them.
"In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key," reads the
CVE-2023-49103 advisory.
Also, if other services in the same environment use the same variants and configurations, the same credentials can be used to access those services as well, expanding the breach.
