← Back

CVE-2014-3528

nvd nist
Published: Aug 19, 2014Modified: May 6, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:H/Au:N/C:P/I:P/A:N
Exploitability: 4.9 / Impact: 4.9
Source: NVD

Description

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.

Affected (103)

Show all products
Opensuse: Opensuse · Apache: Subversion · Canonical: Ubuntu Linux · Apple: Xcode · Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation
Opensuse
1 product
Opensuse
Apache
1 product
Subversion
Canonical
1 product
Ubuntu Linux
Apple
1 product
Xcode
Redhat
5 products
Enterprise Linux Desktop
Enterprise Linux Hpc Node
Enterprise Linux Server
Enterprise Linux Server Eus
Enterprise Linux Workstation
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Opensuse
Version 12.3
Opensuse
Version 13.1
Configuration B
89 vulnerable
Vulnerable SoftwareAffected Versions
Apache
Subversion
Version 1.0.0
Subversion
Version 1.0.1
Subversion
Version 1.0.2
Subversion
Version 1.0.3
Subversion
Version 1.0.4
Subversion
Version 1.0.5
Subversion
Version 1.0.6
Subversion
Version 1.0.7
Subversion
Version 1.0.8
Subversion
Version 1.0.9
Subversion
Version 1.1.0
Subversion
Version 1.1.1
Subversion
Version 1.1.2
Subversion
Version 1.1.3
Subversion
Version 1.1.4
Subversion
Version 1.2.0
Subversion
Version 1.2.1
Subversion
Version 1.2.2
Subversion
Version 1.2.3
Subversion
Version 1.3.0
Subversion
Version 1.3.1
Subversion
Version 1.3.2
Subversion
Version 1.4.0
Subversion
Version 1.4.1
Subversion
Version 1.4.2
Subversion
Version 1.4.3
Subversion
Version 1.4.4
Subversion
Version 1.4.5
Subversion
Version 1.4.6
Subversion
Version 1.5.0
Subversion
Version 1.5.1
Subversion
Version 1.5.2
Subversion
Version 1.5.3
Subversion
Version 1.5.4
Subversion
Version 1.5.5
Subversion
Version 1.5.6
Subversion
Version 1.5.7
Subversion
Version 1.5.8
Subversion
Version 1.6.0
Subversion
Version 1.6.10
Subversion
Version 1.6.11
Subversion
Version 1.6.12
Subversion
Version 1.6.13
Subversion
Version 1.6.14
Subversion
Version 1.6.15
Subversion
Version 1.6.16
Subversion
Version 1.6.17
Subversion
Version 1.6.18
Subversion
Version 1.6.19
Subversion
Version 1.6.1
Subversion
Version 1.6.20
Subversion
Version 1.6.21
Subversion
Version 1.6.23
Subversion
Version 1.6.2
Subversion
Version 1.6.3
Subversion
Version 1.6.4
Subversion
Version 1.6.5
Subversion
Version 1.6.6
Subversion
Version 1.6.7
Subversion
Version 1.6.8
Subversion
Version 1.6.9
Subversion
Version 1.7.0
Subversion
Version 1.7.10
Subversion
Version 1.7.11
Subversion
Version 1.7.12
Subversion
Version 1.7.13
Subversion
Version 1.7.14
Subversion
Version 1.7.15
Subversion
Version 1.7.16
Subversion
Version 1.7.17
Subversion
Version 1.7.1
Subversion
Version 1.7.2
Subversion
Version 1.7.3
Subversion
Version 1.7.4
Subversion
Version 1.7.5
Subversion
Version 1.7.6
Subversion
Version 1.7.7
Subversion
Version 1.7.8
Subversion
Version 1.7.9
Subversion
Version 1.8.0
Subversion
Version 1.8.1
Subversion
Version 1.8.2
Subversion
Version 1.8.3
Subversion
Version 1.8.4
Subversion
Version 1.8.5
Subversion
Version 1.8.6
Subversion
Version 1.8.7
Subversion
Version 1.8.8
Subversion
Version 1.8.9
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 12.04
Ubuntu Linux
Version 14.04
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Xcode
Version 6.1.1
Configuration E
9 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux Desktop
Version 6.0
Enterprise Linux Desktop
Version 7.0
Redhat
Enterprise Linux Hpc Node
Version 6.0
Enterprise Linux Hpc Node
Version 7.0
Redhat
Enterprise Linux Server
Version 6.0
Enterprise Linux Server
Version 7.0
Enterprise Linux Server Eus
Version 6.6.z
Redhat
Enterprise Linux Workstation
Version 6.0
Enterprise Linux Workstation
Version 7.0

Related CWEs

CWE-255
CWE-255

References (26)

Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.