CVE-2014-3528
Description
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
3.375
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2014-3522,CVE-2014-3528,CVE-2014-3580,CVE-2014-8108 are affected in Command Line Tools for XCode for Mac 6.1.1 | Mac |
| Multiple Vulnerabilities are affected in Command Line Tools for XCode for Mac 6.1.1 | Mac |
| Advanced version control system (USN-2316-1) libsvn1_1.8.8-1ubuntu3.2_i386.deb | Linux |
| Advanced version control system (USN-2316-1) libsvn1_1.8.8-1ubuntu3.2_amd64.deb | Linux |
| Advanced version control system (USN-2316-1) subversion_1.8.8-1ubuntu3.2_i386.deb | Linux |
| Advanced version control system (USN-2316-1) subversion_1.8.8-1ubuntu3.2_amd64.deb | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-607901 | Command Line Tools for XCode for Mac 15.3 (Deployment-Only) |
| PATCH-607901 | Command Line Tools for XCode for Mac 15.3 (Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234