CVE-2010-3315

Subversion: Access restriction bypass by checkout of the root of the repository

Severity Score

6.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.

authz.c del módulo mod_dav_svn del servidor HTTP Apache, como se ha distribuído en Apache Subversion v1.5.x anteriores a la v1.5.8 y v1.6.x anteriores a la v1.6.13, cuando SVNPathAuthz short_circuit está activo, no maneja apropiadamente un repositorio con nombre como una regla de alcance, lo que permite a usuarios autenticados remotos evitar las restricciones previstas a través de comandos svn.

It was discovered that Subversion incorrectly handled certain 'partial access' privileges in rare scenarios. Remote authenticated users could use this flaw to obtain sensitive information (revision properties). This issue only applied to Ubuntu 6.06 LTS. It was discovered that the Subversion mod_dav_svn module for Apache did not properly handle a named repository as a rule scope. Remote authenticated users could use this flaw to bypass intended restrictions. This issue only applied to Ubuntu 9.10, 10.04 LTS, and 10.10. It was discovered that the Subversion mod_dav_svn module for Apache incorrectly handled the walk function. Remote authenticated users could use this flaw to cause the service to crash, leading to a denial of service. It was discovered that Subversion incorrectly handled certain memory operations. Remote authenticated users could use this flaw to consume large quantities of memory and cause the service to crash, leading to a denial of service. This issue only applied to Ubuntu 9.10, 10.04 LTS, and 10.10.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2010-09-13 CVE Reserved
2010-10-04 CVE Published
2024-08-07 CVE Updated
2025-07-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-16: Configuration

CAPEC

References (16)

URL	Tag	Source
http://secunia.com/advisories/43139	Third Party Advisory
http://secunia.com/advisories/43346	Third Party Advisory
http://security-tracker.debian.org/tracker/CVE-2010-3315	X_refsource_confirm
http://support.apple.com/kb/HT4581	X_refsource_confirm
http://www.vupen.com/english/advisories/2011/0264	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19007	Signature

URL	Date	SRC

URL	Date	SRC
http://subversion.apache.org/security/CVE-2010-3315-advisory.txt	2017-09-19

URL	Date	SRC
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html	2017-09-19
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html	2017-09-19
http://secunia.com/advisories/41652	2017-09-19
http://www.debian.org/security/2010/dsa-2118	2017-09-19
http://www.mandriva.com/security/advisories?name=MDVSA-2010:199	2017-09-19
http://www.redhat.com/support/errata/RHSA-2011-0258.html	2017-09-19
http://www.ubuntu.com/usn/USN-1053-1	2017-09-19
https://access.redhat.com/security/cve/CVE-2010-3315	2011-02-15
https://bugzilla.redhat.com/show_bug.cgi?id=640317	2011-02-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.0 Search vendor "Apache" for product "Subversion" and version "1.6.0"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.1 Search vendor "Apache" for product "Subversion" and version "1.6.1"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.2 Search vendor "Apache" for product "Subversion" and version "1.6.2"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.3 Search vendor "Apache" for product "Subversion" and version "1.6.3"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.4 Search vendor "Apache" for product "Subversion" and version "1.6.4"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.5 Search vendor "Apache" for product "Subversion" and version "1.6.5"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.6 Search vendor "Apache" for product "Subversion" and version "1.6.6"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.7 Search vendor "Apache" for product "Subversion" and version "1.6.7"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.8 Search vendor "Apache" for product "Subversion" and version "1.6.8"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.9 Search vendor "Apache" for product "Subversion" and version "1.6.9"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.10 Search vendor "Apache" for product "Subversion" and version "1.6.10"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.11 Search vendor "Apache" for product "Subversion" and version "1.6.11"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.6.12 Search vendor "Apache" for product "Subversion" and version "1.6.12"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.5.0 Search vendor "Apache" for product "Subversion" and version "1.5.0"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.5.1 Search vendor "Apache" for product "Subversion" and version "1.5.1"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.5.2 Search vendor "Apache" for product "Subversion" and version "1.5.2"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.5.3 Search vendor "Apache" for product "Subversion" and version "1.5.3"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.5.4 Search vendor "Apache" for product "Subversion" and version "1.5.4"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.5.5 Search vendor "Apache" for product "Subversion" and version "1.5.5"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.5.6 Search vendor "Apache" for product "Subversion" and version "1.5.6"		-		Affected
Apache Search vendor "Apache"		Subversion Search vendor "Apache" for product "Subversion"				1.5.7 Search vendor "Apache" for product "Subversion" and version "1.5.7"		-		Affected