PT-2019-6492 · Viewvc · Viewvc
Chung-Chieh Shan
·
Published
2019-11-07
·
Updated
2020-08-18
·
CVE-2007-5743
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
viewvc version 1.0.3
Description
The issue allows improper access control to files in a repository when using the
forbidden configuration option.Recommendations
For viewvc version 1.0.3, consider restricting access to the repository or reconfiguring the
forbidden option to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Viewvc