#VU19589 Reachable Assertion in Subversion - CVE-2018-11782


Vulnerability identifier: #VU19589

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2018-11782

CWE-ID: CWE-617

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Subversion
Server applications / Frameworks for developing and running applications

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling svnserve 'get-deleted-rev' requests. A remote authenticated attacker with read-only permissions can make the server to reply with incorrect revision number that will lead to svnserve crash.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Subversion: 1.9.0 beta1 - 1.9.11, 1.10.0 rc1 - 1.12.1

External links
https://subversion.apache.org/security/CVE-2018-11782-advisory.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


VMware Tanzu products update for Subversion
Multiple vulnerabilities in IBM QRadar Network Security
Multiple vulnerabilities in Cloud Foundry Foundation cflinuxfs3
Ubuntu update for subversion
Multiple vulnerabilities in Yokogawa CENTUM, ProSafe-RS and B/M9000 VP
Red Hat Enterprise Linux 8 update for the subversion:1.10 module
Red Hat Enterprise Linux 7 update for subversion
Amazon Linux AMI update for subversion
Arch Linux update for subversion
OpenSUSE Linux update for subversion