CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
17.1%
Python is prone to an access control vulnerability.
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:python:python";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.152212");
script_version("2024-08-14T05:05:52+0000");
script_tag(name:"last_modification", value:"2024-08-14 05:05:52 +0000 (Wed, 14 Aug 2024)");
script_tag(name:"creation_date", value:"2024-05-14 03:13:27 +0000 (Tue, 14 May 2024)");
script_tag(name:"cvss_base", value:"5.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:P/A:N");
script_cve_id("CVE-2024-4030");
script_tag(name:"qod_type", value:"remote_banner");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Python Access Control Vulnerability (May 2024) - Windows");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("General");
script_dependencies("gb_python_consolidation.nasl", "os_detection.nasl");
script_mandatory_keys("python/detected", "Host/runs_windows");
script_tag(name:"summary", value:"Python is prone to an access control vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"On Windows a directory returned by tempfile.mkdtemp() would not
always have permissions set to restrict reading and writing to the temporary directory by other
users, instead usually inheriting the correct permissions from the default location. Alternate
configurations or users without a profile directory may not have the intended permissions.");
script_tag(name:"affected", value:"Python prior to version 3.12.4.");
script_tag(name:"solution", value:"Update to version 3.12.4 or later.");
script_xref(name:"URL", value:"https://mail.python.org/archives/list/[email protected]/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/");
script_xref(name:"URL", value:"https://github.com/python/cpython/issues/118486");
script_xref(name:"URL", value:"https://github.com/python/cpython/pull/118488");
script_xref(name:"URL", value:"https://github.com/python/cpython/pull/118515");
script_xref(name:"URL", value:"https://github.com/python/cpython/pull/118737");
script_xref(name:"URL", value:"https://osv.dev/vulnerability/PSF-2024-3");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if (isnull(port = get_app_port(cpe: CPE)))
exit(0);
if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE,
version_regex: "^[0-9]+\.[0-9]+\.[0-9]+"))
exit(0);
version = infos["version"];
location = infos["location"];
if (version_is_less(version: version, test_version: "3.12.4")) {
report = report_fixed_ver(installed_version: version, fixed_version: "3.12.4", install_path: location);
security_message(port: port, data: report);
exit(0);
}
exit(99);
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
17.1%