CVE-2021-28544 : Apache Subversion SVN authz protected copyfrom paths regression Subversion serve

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom' path of the original. This also reveals the fact that the node was copied. Only the 'copyfrom' path is revealed; not its contents. Both httpd and svnserve servers are vulnerable.

Published 2022-04-12 18:15:08

Updated 2023-02-11 17:44:51

Source Apache Software Foundation

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2021-28544

Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Matching versions
Apache » Subversion
Versions from including (>=) 1.10.0 and up to, including, (<=) 1.14.1
cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
Matching versions
Apple » Macos
Versions from including (>=) 12.0 and before (<) 12.5
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 35
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 36
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-28544

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 22 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-28544

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.5	LOW	AV:N/AC:M/Au:S/C:P/I:N/A:N	6.8	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
4.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	2.8	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2021-28544

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Assigned by:
- nvd@nist.gov (Secondary)
- security@apache.org (Primary)

References for CVE-2021-28544

https://subversion.apache.org/security/CVE-2021-28544-advisory.txt

Exploit;Patch;Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/

[SECURITY] Fedora 36 Update: subversion-1.14.2-5.fc36 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
http://seclists.org/fulldisclosure/2022/Jul/18

Full Disclosure: APPLE-SA-2022-07-20-2 macOS Monterey 12.5
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/

[SECURITY] Fedora 35 Update: subversion-1.14.2-5.fc35 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
https://www.debian.org/security/2022/dsa-5119

Debian -- Security Information -- DSA-5119-1 subversion
Third Party Advisory

CVEs referencing this url
https://support.apple.com/kb/HT213345

About the security content of macOS Monterey 12.5 - Apple Support
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-28544

Products affected by CVE-2021-28544

Exploit prediction scoring system (EPSS) score for CVE-2021-28544

CVSS scores for CVE-2021-28544

CWE ids for CVE-2021-28544

References for CVE-2021-28544