Lucene search

[email protected]NVD:CVE-2013-2088

HistoryJul 31, 2013 - 1:20 p.m.

CVE-2013-2088

2013-07-3113:20:24

CWE-20

[email protected]

web.nvd.nist.gov

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.2%

JSON

contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.

Affected configurations

NVD

Node

apachesubversionRange≤1.6.21

apachesubversionMatch1.6.0

apachesubversionMatch1.6.1

apachesubversionMatch1.6.2

apachesubversionMatch1.6.3

apachesubversionMatch1.6.4

apachesubversionMatch1.6.5

apachesubversionMatch1.6.6

apachesubversionMatch1.6.7

apachesubversionMatch1.6.8

apachesubversionMatch1.6.9

apachesubversionMatch1.6.10

apachesubversionMatch1.6.11

apachesubversionMatch1.6.12

apachesubversionMatch1.6.13

apachesubversionMatch1.6.14

apachesubversionMatch1.6.15

apachesubversionMatch1.6.16

apachesubversionMatch1.6.17

apachesubversionMatch1.6.18

apachesubversionMatch1.6.19

apachesubversionMatch1.6.20

collabnetsubversionMatch1.6.17

Node

opensuseopensuseMatch11.4

References

lists.opensuse.org/opensuse-updates/2013-07/msg00015.html

mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvRK51pQsybfvsAzjxQJrmVpL0fEa1K4WGkUP9Tzz6KFDw%40mail.gmail.com%3E

mail-archives.apache.org/mod_mbox/subversion-announce/201305.mbox/%3CCADkdwvTxsMFeHgc8bK2V-2PrSrKoBffTi8%2BxbHA5tocrrewWew%40mail.gmail.com%3E

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18772

subversion.apache.org/security/CVE-2013-2088-advisory.txt

www.exploit-db.com/exploits/40507/

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.2%

JSON

Related for NVD:CVE-2013-2088

cve1 nessus7 debiancve1 prion1 cvelist1 zdt1 exploitpack1 freebsd1 packetstorm1 seebug1 ubuntucve1 exploitdb1 openvas3 fedora1 gentoo1