CVE-2015-3184
Description
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
17.005
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2015-3184,CVE-2015-3187,CVE-2016-1765 are affected in Command Line Tools for XCode for Mac 7.2.1 | Mac |
| subversion security update(DSA-3331-1) subversion_1.6.17dfsg-4+deb7u10_i386.deb | Linux |
| subversion security update(DSA-3561-1) subversion_1.8.10-6+deb8u4_i386.deb | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-607901 | Command Line Tools for XCode for Mac 15.3 (Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234