CVE-2012-3356

Name of the Vulnerable Software and Affected Versions ViewVC versions prior to 1.1.15

Description The issue concerns the remote SVN views functionality in ViewVC, where improper authorization allows remote attackers to bypass intended access restrictions. This could lead to a breach of confidentiality of protected information. The exploitation of these vulnerabilities can be carried out remotely.

Recommendations For versions prior to 1.1.15, update to version 1.1.15 or later to resolve the issue. As a temporary workaround, consider restricting access to the lib/vclib/svn/svn ra.py module to minimize the risk of exploitation.