CVE-2010-3315

medium

Apache

CVSS v3 Base Score

6.0

AV:N/AC:M/Au:S/C:P/I:P/A:P

EPSS Score

0.4%

Exploitation probability in 30 days

Top 42% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Confidentiality

Integrity

Availability

Published: October 4, 2010 (5701 days ago)

Last Modified: April 29, 2026

Vendor: Apache

Source: NVD

Description

authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.

CWE

CWE-16

Affected Products

apache subversion

References

🔗 lists.apple.com 🔗 lists.opensuse.org 🔗 secunia.com 🔗 secunia.com 🔗 secunia.com

CVE-2010-3315

Vulnerability Report

Description

CWE

Affected Products

References