CVE-2013-4246

moderate-risk

Published 2017-10-30

libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.

Do I need to act?

0.39% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (5)

Subversion

Affected Vendors

Apache

References (4)

Third Party Advisory http://www.securityfocus.com/bid/101620

Issue Tracking https://subversion.apache.org/security/CVE-2013-4246-advisory.txt

Third Party Advisory http://www.securityfocus.com/bid/101620

Issue Tracking https://subversion.apache.org/security/CVE-2013-4246-advisory.txt

/ 100

moderate-risk

Severity 30/34 · Critical

Exploitability 1/34 · Minimal

Exposure 12/34 · Low