{"containers": {"cna": {"affected": [{"product": "Apache Subversion", "vendor": "Apache Software Foundation", "versions": [{"status": "unaffected", "version": "mod_authz_svn 1.10.7"}, {"lessThan": "1.14.1", "status": "affected", "version": "mod_authz_svn", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Thomas \u00c5kesson (simonsoft.se)"}], "descriptions": [{"lang": "en", "value": "Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-04T08:06:27", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt"}, {"name": "[debian-lts-announce] 20210504 [SECURITY] [DLA 2646-1] subversion security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Remote unauthenticated denial-of-service in Subversion mod_authz_svn", "workarounds": [{"lang": "en", "value": "As a workaround, the use of in-repository authz rules files with the AuthzSVNReposRelativeAccessFile can be avoided by switching to an alternative configuration which fetches an authz rules file from the server's filesystem, rather than from an SVN repository."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2020-17525", "STATE": "PUBLIC", "TITLE": "Remote unauthenticated denial-of-service in Subversion mod_authz_svn"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Subversion", "version": {"version_data": [{"version_affected": "<", "version_name": "mod_authz_svn", "version_value": "1.14.1"}, {"version_affected": "!", "version_name": "mod_authz_svn", "version_value": "1.10.7"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "Thomas \u00c5kesson (simonsoft.se)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-476 NULL Pointer Dereference"}]}]}, "references": {"reference_data": [{"name": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt", "refsource": "MISC", "url": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt"}, {"name": "[debian-lts-announce] 20210504 [SECURITY] [DLA 2646-1] subversion security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html"}]}, "source": {"discovery": "UNKNOWN"}, "work_around": [{"lang": "en", "value": "As a workaround, the use of in-repository authz rules files with the AuthzSVNReposRelativeAccessFile can be avoided by switching to an alternative configuration which fetches an authz rules file from the server's filesystem, rather than from an SVN repository."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T14:00:48.595Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt"}, {"name": "[debian-lts-announce] 20210504 [SECURITY] [DLA 2646-1] subversion security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2020-17525", "datePublished": "2021-03-17T09:20:14", "dateReserved": "2020-08-12T00:00:00", "dateUpdated": "2024-08-04T14:00:48.595Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*", "matchCriteriaId": "693F5DB8-76CC-4A99-B83D-DAA6CF9A207E", "versionEndExcluding": "1.10.7", "versionStartIncluding": "1.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE489C7C-7BF8-40DC-83F1-95BF531ACDE7", "versionEndExcluding": "1.14.1", "versionStartIncluding": "1.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7"}, {"lang": "es", "value": "El m\u00f3dulo mod_authz_svn de Subversion se bloquear\u00e1 si el servidor est\u00e1 usando reglas de autenticaci\u00f3n en el repositorio con la opci\u00f3n AuthzSVNReposRelativeAccessFile y un cliente env\u00eda una petici\u00f3n para una URL de repositorio no existente.&#xa0;Esto puede causar interrupciones para los usuarios del servicio.&#xa0;Este problema se solucion\u00f3 en los servidores mod_dav_svn+mod_authz_svn versi\u00f3n 1.14.1 y los servidores mod_dav_svn+mod_authz_svn versi\u00f3n 1.10.7"}], "id": "CVE-2020-17525", "lastModified": "2022-01-01T18:03:00.273", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-03-17T10:15:11.873", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00000.html"}, {"source": "security@apache.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://subversion.apache.org/security/CVE-2020-17525-advisory.txt"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "security@apache.org", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank the Subversion security team for reporting this issue. Upstream acknowledges Thomas \u00c5kesson (simonsoft.se) as the original reporter.", "affected_release": [{"advisory": "RHSA-2021:0507", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "subversion:1.10-8030020210210135829.4035eae3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-02-15T00:00:00Z"}, {"advisory": "RHSA-2021:0509", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "subversion:1.10-8010020210211092435.fa3af259", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-02-15T00:00:00Z"}, {"advisory": "RHSA-2021:0508", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "subversion:1.10-8020020210211092052.f2093e77", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-02-15T00:00:00Z"}], "bugzilla": {"description": "subversion: Remote unauthenticated denial of service in mod_authz_svn", "id": "1922303", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922303"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7", "A null-pointer-dereference flaw was found in mod_authz_svn of subversion. This flaw allows a remote, unauthenticated attacker to cause a denial of service in some server configurations. The highest threat from this vulnerability is to system availability."], "mitigation": {"lang": "en:us", "value": "As per upstream \"As a workaround, the use of in-repository authz rules files with the AuthzSVNReposRelativeAccessFile can be avoided by switching to an alternative configuration which fetches an authz rules file from the server's filesystem, rather than from an SVN repository.\""}, "name": "CVE-2020-17525", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "subversion", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "subversion", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "subversion:1.14/subversion", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "subversion", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-02-10T12:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-17525\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-17525\nhttps://subversion.apache.org/security/CVE-2020-17525-advisory.txt"], "threat_severity": "Important", "upstream_fix": "subversion 1.14.1, subversion 1.10.7"}