Lucene search

PRIOn knowledge basePRION:CVE-2009-0240

HistoryJan 21, 2009 - 2:30 a.m.

Design/Logic Flaw

2009-01-2102:30:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

63.5%

JSON

listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.

CPENameOperatorVersion
websvneq2.0

CPE	Name	Operator	Version
	websvn	eq	2.0

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=512191

secunia.com/advisories/32338

secunia.com/advisories/33945

secunia.com/advisories/34191

www.debian.org/security/2009/dsa-1725

www.gentoo.org/security/en/glsa/glsa-200903-20.xml

www.openwall.com/lists/oss-security/2009/01/18/2

exchange.xforce.ibmcloud.com/vulnerabilities/48171

6.6 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

63.5%

JSON

Related for PRION:CVE-2009-0240