7.1 High
AI Score
Confidence
Low
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
68.0%
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.
CPE | Name | Operator | Version |
---|---|---|---|
subversion | eq | 1.4.0 | |
subversion | eq | 1.4.1 | |
subversion | eq | 1.4.2 | |
subversion | eq | 1.4.3 | |
subversion | eq | 1.4.4 | |
subversion | eq | 1.4.5 | |
subversion | eq | 1.4.6 | |
subversion | eq | 1.5.0 | |
subversion | eq | 1.5.1 | |
subversion | eq | 1.5.2 |