CVE-2017-9800

9.8CRITICAL

Key Information:

Vendor
Apache
Status
Apache Subversion
Vendor
CVE Published:
11 August 2017

Summary

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.

Affected Version(s)

Apache Subversion 1.0.0 to 1.8.18

Apache Subversion 1.9.0 to 1.9.6

References

https://lists.apache.org/thread.html/cb607dc2f13bab976914...
mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/100259
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/540999/100/0/threaded
mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.