What is the severity of CVE-2015-3184?

CVE-2015-3184 is rated as a medium severity vulnerability due to the risk of exposing hidden files to unauthorized users.

How do I fix CVE-2015-3184?

To fix CVE-2015-3184, upgrade to Apache Subversion version 1.7.21 or higher, or 1.8.14 or higher.

What systems are affected by CVE-2015-3184?

CVE-2015-3184 affects Apache Subversion versions 1.7.x before 1.7.21 and 1.8.x before 1.8.14 when using Apache httpd 2.4.x.

Can CVE-2015-3184 lead to data breaches?

Yes, CVE-2015-3184 can potentially lead to data breaches by allowing anonymous users to read sensitive files.

What does CVE-2015-3184 exploit?

CVE-2015-3184 exploits improper restrictions on anonymous access within mod_authz_svn.

Vulnerability/
CVE-2015-3184

medium

CWE

200

12/8/2015

6/8/2024

CVE-2015-3184: Infoleak

First published: Wed Aug 12 2015(Updated: )

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Apple Xcode	<=7.2.1
CollabNet Subversion	=1.7.0
CollabNet Subversion	=1.7.1
CollabNet Subversion	=1.7.2
CollabNet Subversion	=1.7.3
CollabNet Subversion	=1.7.4
CollabNet Subversion	=1.7.5
CollabNet Subversion	=1.7.6
CollabNet Subversion	=1.7.7
CollabNet Subversion	=1.7.8
CollabNet Subversion	=1.7.9
CollabNet Subversion	=1.7.10
CollabNet Subversion	=1.7.11
CollabNet Subversion	=1.7.12
CollabNet Subversion	=1.7.13
CollabNet Subversion	=1.7.14
CollabNet Subversion	=1.7.15
CollabNet Subversion	=1.7.16
CollabNet Subversion	=1.7.17
CollabNet Subversion	=1.7.18
CollabNet Subversion	=1.7.19
CollabNet Subversion	=1.7.20
CollabNet Subversion	=1.8.0
CollabNet Subversion	=1.8.1
CollabNet Subversion	=1.8.2
CollabNet Subversion	=1.8.3
CollabNet Subversion	=1.8.4
CollabNet Subversion	=1.8.5
CollabNet Subversion	=1.8.6
CollabNet Subversion	=1.8.7
CollabNet Subversion	=1.8.8
CollabNet Subversion	=1.8.9
CollabNet Subversion	=1.8.10
CollabNet Subversion	=1.8.11
CollabNet Subversion	=1.8.13
Apache Http Server	=2.4.1
Apache Http Server	=2.4.2
Apache Http Server	=2.4.3
Apache Http Server	=2.4.4
Apache Http Server	=2.4.6
Apache Http Server	=2.4.7
Apache Http Server	=2.4.9
Apache Http Server	=2.4.10
Apache Http Server	=2.4.12
Apache Http Server	=2.4.14
Apache Http Server	=2.4.16

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-3184?
CVE-2015-3184 is rated as a medium severity vulnerability due to the risk of exposing hidden files to unauthorized users.
How do I fix CVE-2015-3184?
To fix CVE-2015-3184, upgrade to Apache Subversion version 1.7.21 or higher, or 1.8.14 or higher.
What systems are affected by CVE-2015-3184?
CVE-2015-3184 affects Apache Subversion versions 1.7.x before 1.7.21 and 1.8.x before 1.8.14 when using Apache httpd 2.4.x.
Can CVE-2015-3184 lead to data breaches?
Yes, CVE-2015-3184 can potentially lead to data breaches by allowing anonymous users to read sensitive files.
What does CVE-2015-3184 exploit?
CVE-2015-3184 exploits improper restrictions on anonymous access within mod_authz_svn.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/softwarecombine
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apple
canonical/apple xcode
version/apple xcode/7.2.1
vendor/apache
canonical/collabnet subversion
version/collabnet subversion/1.7.0
version/collabnet subversion/1.7.1
version/collabnet subversion/1.7.2
version/collabnet subversion/1.7.3
version/collabnet subversion/1.7.4
version/collabnet subversion/1.7.5
version/collabnet subversion/1.7.6
version/collabnet subversion/1.7.7
version/collabnet subversion/1.7.8
version/collabnet subversion/1.7.9
version/collabnet subversion/1.7.10
version/collabnet subversion/1.7.11
version/collabnet subversion/1.7.12
version/collabnet subversion/1.7.13
version/collabnet subversion/1.7.14
version/collabnet subversion/1.7.15
version/collabnet subversion/1.7.16
version/collabnet subversion/1.7.17
version/collabnet subversion/1.7.18
version/collabnet subversion/1.7.19
version/collabnet subversion/1.7.20
version/collabnet subversion/1.8.0
version/collabnet subversion/1.8.1
version/collabnet subversion/1.8.2
version/collabnet subversion/1.8.3
version/collabnet subversion/1.8.4
version/collabnet subversion/1.8.5
version/collabnet subversion/1.8.6
version/collabnet subversion/1.8.7
version/collabnet subversion/1.8.8
version/collabnet subversion/1.8.9
version/collabnet subversion/1.8.10
version/collabnet subversion/1.8.11
version/collabnet subversion/1.8.13
canonical/apache http server
version/apache http server/2.4.1
version/apache http server/2.4.2
version/apache http server/2.4.3
version/apache http server/2.4.4
version/apache http server/2.4.6
version/apache http server/2.4.7
version/apache http server/2.4.9
version/apache http server/2.4.10
version/apache http server/2.4.12
version/apache http server/2.4.14
version/apache http server/2.4.16