CVE-2013-4246

HIGH

Apache Subversion - Improper Access Control

Title source: rule

Description

libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/101620

[Issue Tracking, Patch, Vendor Advisory] https://subversion.apache.org/security/CVE-2013-4246-advisory.txt

Scores

CVSS v3 8.8

EPSS 0.0039

EPSS Percentile 59.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-284

Status draft

Affected Products (5)

apache/subversion

Timeline

Published Oct 30, 2017

Tracked Since Feb 18, 2026