What is the severity of CVE-2015-0251?

CVE-2015-0251 has a medium severity rating due to its ability to allow remote authenticated users to spoof the svn:author property.

How do I fix CVE-2015-0251?

To fix CVE-2015-0251, upgrade to Subversion version 1.8.12 or later, or apply patches as recommended by your vendor.

What versions of Subversion are affected by CVE-2015-0251?

CVE-2015-0251 affects Subversion versions 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11.

Can CVE-2015-0251 lead to unauthorized changes?

Yes, CVE-2015-0251 can lead to unauthorized changes by allowing attackers to spoof the author of commits.

Who is at risk of CVE-2015-0251?

Remote authenticated users of Subversion who are using affected versions are at risk of the CVE-2015-0251 vulnerability.

Vulnerability/
CVE-2015-0251

medium

CWE

345

8/4/2015

6/8/2024

CVE-2015-0251

First published: Wed Apr 08 2015(Updated: )

The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
CollabNet Subversion	=1.5.0
CollabNet Subversion	=1.5.1
CollabNet Subversion	=1.5.2
CollabNet Subversion	=1.5.3
CollabNet Subversion	=1.5.4
CollabNet Subversion	=1.5.5
CollabNet Subversion	=1.5.6
CollabNet Subversion	=1.5.7
CollabNet Subversion	=1.5.8
CollabNet Subversion	=1.6.0
CollabNet Subversion	=1.6.1
CollabNet Subversion	=1.6.2
CollabNet Subversion	=1.6.3
CollabNet Subversion	=1.6.4
CollabNet Subversion	=1.6.5
CollabNet Subversion	=1.6.6
CollabNet Subversion	=1.6.7
CollabNet Subversion	=1.6.8
CollabNet Subversion	=1.6.9
CollabNet Subversion	=1.6.10
CollabNet Subversion	=1.6.11
CollabNet Subversion	=1.6.12
CollabNet Subversion	=1.6.13
CollabNet Subversion	=1.6.14
CollabNet Subversion	=1.6.15
CollabNet Subversion	=1.6.16
CollabNet Subversion	=1.6.17
CollabNet Subversion	=1.6.18
CollabNet Subversion	=1.6.19
CollabNet Subversion	=1.6.20
CollabNet Subversion	=1.6.21
CollabNet Subversion	=1.6.23
CollabNet Subversion	=1.7.0
CollabNet Subversion	=1.7.1
CollabNet Subversion	=1.7.2
CollabNet Subversion	=1.7.3
CollabNet Subversion	=1.7.4
CollabNet Subversion	=1.7.5
CollabNet Subversion	=1.7.6
CollabNet Subversion	=1.7.7
CollabNet Subversion	=1.7.8
CollabNet Subversion	=1.7.9
CollabNet Subversion	=1.7.10
CollabNet Subversion	=1.7.11
CollabNet Subversion	=1.7.12
CollabNet Subversion	=1.7.13
CollabNet Subversion	=1.7.14
CollabNet Subversion	=1.7.15
CollabNet Subversion	=1.7.16
CollabNet Subversion	=1.7.17
CollabNet Subversion	=1.7.18
CollabNet Subversion	=1.7.19
CollabNet Subversion	=1.8.0
CollabNet Subversion	=1.8.1
CollabNet Subversion	=1.8.2
CollabNet Subversion	=1.8.3
CollabNet Subversion	=1.8.4
CollabNet Subversion	=1.8.5
CollabNet Subversion	=1.8.6
CollabNet Subversion	=1.8.7
CollabNet Subversion	=1.8.8
CollabNet Subversion	=1.8.9
CollabNet Subversion	=1.8.10
CollabNet Subversion	=1.8.11
openSUSE	=13.1
openSUSE	=13.2
redhat enterprise Linux desktop	=6.0
Red Hat Enterprise Linux HPC Node	=6.0
redhat enterprise Linux server	=6.0
redhat enterprise Linux server eus	=6.7.z
redhat enterprise Linux workstation	=6.0
Oracle Solaris SPARC	=11.3
Apple Xcode	=7.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0251?
CVE-2015-0251 has a medium severity rating due to its ability to allow remote authenticated users to spoof the svn:author property.
How do I fix CVE-2015-0251?
To fix CVE-2015-0251, upgrade to Subversion version 1.8.12 or later, or apply patches as recommended by your vendor.
What versions of Subversion are affected by CVE-2015-0251?
CVE-2015-0251 affects Subversion versions 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11.
Can CVE-2015-0251 lead to unauthorized changes?
Yes, CVE-2015-0251 can lead to unauthorized changes by allowing attackers to spoof the author of commits.
Who is at risk of CVE-2015-0251?
Remote authenticated users of Subversion who are using affected versions are at risk of the CVE-2015-0251 vulnerability.

agent/references
agent/type
agent/author
agent/severity
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apache
canonical/collabnet subversion
version/collabnet subversion/1.5.0
version/collabnet subversion/1.5.1
version/collabnet subversion/1.5.2
version/collabnet subversion/1.5.3
version/collabnet subversion/1.5.4
version/collabnet subversion/1.5.5
version/collabnet subversion/1.5.6
version/collabnet subversion/1.5.7
version/collabnet subversion/1.5.8
version/collabnet subversion/1.6.0
version/collabnet subversion/1.6.1
version/collabnet subversion/1.6.2
version/collabnet subversion/1.6.3
version/collabnet subversion/1.6.4
version/collabnet subversion/1.6.5
version/collabnet subversion/1.6.6
version/collabnet subversion/1.6.7
version/collabnet subversion/1.6.8
version/collabnet subversion/1.6.9
version/collabnet subversion/1.6.10
version/collabnet subversion/1.6.11
version/collabnet subversion/1.6.12
version/collabnet subversion/1.6.13
version/collabnet subversion/1.6.14
version/collabnet subversion/1.6.15
version/collabnet subversion/1.6.16
version/collabnet subversion/1.6.17
version/collabnet subversion/1.6.18
version/collabnet subversion/1.6.19
version/collabnet subversion/1.6.20
version/collabnet subversion/1.6.21
version/collabnet subversion/1.6.23
version/collabnet subversion/1.7.0
version/collabnet subversion/1.7.1
version/collabnet subversion/1.7.2
version/collabnet subversion/1.7.3
version/collabnet subversion/1.7.4
version/collabnet subversion/1.7.5
version/collabnet subversion/1.7.6
version/collabnet subversion/1.7.7
version/collabnet subversion/1.7.8
version/collabnet subversion/1.7.9
version/collabnet subversion/1.7.10
version/collabnet subversion/1.7.11
version/collabnet subversion/1.7.12
version/collabnet subversion/1.7.13
version/collabnet subversion/1.7.14
version/collabnet subversion/1.7.15
version/collabnet subversion/1.7.16
version/collabnet subversion/1.7.17
version/collabnet subversion/1.7.18
version/collabnet subversion/1.7.19
version/collabnet subversion/1.8.0
version/collabnet subversion/1.8.1
version/collabnet subversion/1.8.2
version/collabnet subversion/1.8.3
version/collabnet subversion/1.8.4
version/collabnet subversion/1.8.5
version/collabnet subversion/1.8.6
version/collabnet subversion/1.8.7
version/collabnet subversion/1.8.8
version/collabnet subversion/1.8.9
version/collabnet subversion/1.8.10
version/collabnet subversion/1.8.11
vendor/opensuse
canonical/opensuse
version/opensuse/13.1
version/opensuse/13.2
vendor/redhat
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/6.0
canonical/red hat enterprise linux hpc node
version/red hat enterprise linux hpc node/6.0
canonical/redhat enterprise linux server
version/redhat enterprise linux server/6.0
canonical/redhat enterprise linux server eus
version/redhat enterprise linux server eus/6.7.z
canonical/redhat enterprise linux workstation
version/redhat enterprise linux workstation/6.0
vendor/oracle
canonical/oracle solaris sparc
version/oracle solaris sparc/11.3
vendor/apple
canonical/apple xcode
version/apple xcode/7.0

CVE-2015-0251

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0251?

How do I fix CVE-2015-0251?

What versions of Subversion are affected by CVE-2015-0251?

Can CVE-2015-0251 lead to unauthorized changes?

Who is at risk of CVE-2015-0251?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-0251?

How do I fix CVE-2015-0251?

What versions of Subversion are affected by CVE-2015-0251?

Can CVE-2015-0251 lead to unauthorized changes?

Who is at risk of CVE-2015-0251?