6.4 Medium
AI Score
Confidence
Low
2.4 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:S/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on different affected versions (ADT3).
CPE | Name | Operator | Version |
---|---|---|---|
apache:subversion | apache subversion | eq | 1.8.0 |
apache:subversion | apache subversion | eq | 1.8.1 |