CVE-2020-17525
Vulnerability from cvelistv5
Published
2021-03-17 09:20
Modified
2024-08-04 14:00
Severity ?
Summary
Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T14:00:48.595Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt"
          },
          {
            "name": "[debian-lts-announce] 20210504 [SECURITY] [DLA 2646-1] subversion security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Subversion",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "unaffected",
              "version": "mod_authz_svn 1.10.7"
            },
            {
              "lessThan": "1.14.1",
              "status": "affected",
              "version": "mod_authz_svn",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Thomas \u00c5kesson (simonsoft.se)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Subversion\u0027s mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-04T08:06:27",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt"
        },
        {
          "name": "[debian-lts-announce] 20210504 [SECURITY] [DLA 2646-1] subversion security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Remote unauthenticated denial-of-service in Subversion mod_authz_svn",
      "workarounds": [
        {
          "lang": "en",
          "value": "As a workaround, the use of in-repository authz rules files with the AuthzSVNReposRelativeAccessFile can be avoided by switching to an alternative configuration which fetches an authz rules file from the server\u0027s filesystem, rather than from an SVN repository."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2020-17525",
          "STATE": "PUBLIC",
          "TITLE": "Remote unauthenticated denial-of-service in Subversion mod_authz_svn"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Subversion",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "mod_authz_svn",
                            "version_value": "1.14.1"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "mod_authz_svn",
                            "version_value": "1.10.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Thomas \u00c5kesson (simonsoft.se)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Subversion\u0027s mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-476 NULL Pointer Dereference"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt",
              "refsource": "MISC",
              "url": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt"
            },
            {
              "name": "[debian-lts-announce] 20210504 [SECURITY] [DLA 2646-1] subversion security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "As a workaround, the use of in-repository authz rules files with the AuthzSVNReposRelativeAccessFile can be avoided by switching to an alternative configuration which fetches an authz rules file from the server\u0027s filesystem, rather than from an SVN repository."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2020-17525",
    "datePublished": "2021-03-17T09:20:14",
    "dateReserved": "2020-08-12T00:00:00",
    "dateUpdated": "2024-08-04T14:00:48.595Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-17525\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-03-17T10:15:11.873\",\"lastModified\":\"2024-11-21T05:08:17.650\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Subversion\u0027s mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7\"},{\"lang\":\"es\",\"value\":\"El m\u00f3dulo mod_authz_svn de Subversion se bloquear\u00e1 si el servidor est\u00e1 usando reglas de autenticaci\u00f3n en el repositorio con la opci\u00f3n AuthzSVNReposRelativeAccessFile y un cliente env\u00eda una petici\u00f3n para una URL de repositorio no existente.\u0026#xa0;Esto puede causar interrupciones para los usuarios del servicio.\u0026#xa0;Este problema se solucion\u00f3 en los servidores mod_dav_svn+mod_authz_svn versi\u00f3n 1.14.1 y los servidores mod_dav_svn+mod_authz_svn versi\u00f3n 1.10.7\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.0\",\"versionEndExcluding\":\"1.10.7\",\"matchCriteriaId\":\"693F5DB8-76CC-4A99-B83D-DAA6CF9A207E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.11.0\",\"versionEndExcluding\":\"1.14.1\",\"matchCriteriaId\":\"AE489C7C-7BF8-40DC-83F1-95BF531ACDE7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://subversion.apache.org/security/CVE-2020-17525-advisory.txt\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://subversion.apache.org/security/CVE-2020-17525-advisory.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.