CVE-2019-16935

MEDIUM

Description

The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.

References

https://bugs.python.org/issue38243

https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213

https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897

https://github.com/python/cpython/pull/16373

https://usn.ubuntu.com/4151-1/

https://usn.ubuntu.com/4151-2/

https://security.netapp.com/advisory/ntap-20191017-0004/

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/

https://lists.fedoraproject.org/archives/list/[email protected]/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/

https://lists.fedoraproject.org/archives/list/[email protected]/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/

https://lists.fedoraproject.org/archives/list/[email protected]/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/

https://lists.fedoraproject.org/archives/list/[email protected]/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/

https://lists.fedoraproject.org/archives/list/[email protected]/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/

https://lists.fedoraproject.org/archives/list/[email protected]/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html

Details

Source: MITRE

Published: 2019-09-28

Updated: 2021-04-17

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 3.7.0 to 3.7.4 (inclusive)

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 3.0 to 3.6.9 (inclusive)

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions up to 2.7.16 (inclusive)

Tenable Plugins

View all (54 total)

IDNameProductFamilySeverity
148749Debian DLA-2628-1 : python2.7 security updateNessusDebian Local Security Checks
medium
147364NewStart CGSL MAIN 6.02 : python3 Multiple Vulnerabilities (NS-SA-2021-0059)NessusNewStart CGSL Local Security Checks
medium
147302NewStart CGSL CORE 5.04 / MAIN 5.04 : python3 Multiple Vulnerabilities (NS-SA-2021-0029)NessusNewStart CGSL Local Security Checks
medium
145883CentOS 8 : python3 (CESA-2020:4433)NessusCentOS Local Security Checks
medium
145389openSUSE Security Update : python3 (openSUSE-2020-2333)NessusSuSE Local Security Checks
high
145326openSUSE Security Update : python3 (openSUSE-2020-2332)NessusSuSE Local Security Checks
high
144586SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:3930-1)NessusSuSE Local Security Checks
high
143782SUSE SLES12 Security Update : python3 (SUSE-SU-2020:2699-1)NessusSuSE Local Security Checks
medium
143286CentOS 7 : python (CESA-2020:3911)NessusCentOS Local Security Checks
medium
143092RHEL 7 : python (RHSA-2020:3911)NessusRed Hat Local Security Checks
medium
142786Oracle Linux 8 : python3 (ELSA-2020-4433)NessusOracle Linux Local Security Checks
medium
142400RHEL 8 : python3 (RHSA-2020:4433)NessusRed Hat Local Security Checks
medium
141770Scientific Linux Security Update : python3 on SL7.x x86_64 (20201001)NessusScientific Linux Local Security Checks
medium
141713Scientific Linux Security Update : python on SL7.x x86_64 (20201001)NessusScientific Linux Local Security Checks
medium
141631CentOS 7 : python3 (CESA-2020:3888)NessusCentOS Local Security Checks
medium
141258Oracle Linux 7 : python (ELSA-2020-3911)NessusOracle Linux Local Security Checks
medium
141218Oracle Linux 7 : python3 (ELSA-2020-3888)NessusOracle Linux Local Security Checks
medium
141029RHEL 7 : python3 (RHSA-2020:3888)NessusRed Hat Local Security Checks
medium
138529Debian DLA-2280-1 : python3.5 security updateNessusDebian Local Security Checks
medium
134741EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1275)NessusHuawei Local Security Checks
medium
134501EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1212)NessusHuawei Local Security Checks
medium
133653Amazon Linux AMI : python27 / python35,python36 (ALAS-2020-1342)NessusAmazon Linux Local Security Checks
medium
133259SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0234-1) (BEAST) (httpoxy)NessusSuSE Local Security Checks
critical
133172openSUSE Security Update : python3 (openSUSE-2020-86) (BEAST) (httpoxy)NessusSuSE Local Security Checks
critical
133073NewStart CGSL CORE 5.05 / MAIN 5.05 : python Vulnerability (NS-SA-2020-0002)NessusNewStart CGSL Local Security Checks
medium
133036SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:0114-1) (BEAST) (httpoxy)NessusSuSE Local Security Checks
critical
132802EulerOS Virtualization for ARM 64 3.0.5.0 : python3 (EulerOS-SA-2020-1048)NessusHuawei Local Security Checks
medium
132798EulerOS Virtualization for ARM 64 3.0.5.0 : python2 (EulerOS-SA-2020-1044)NessusHuawei Local Security Checks
medium
132783Fedora 31 : python36 (2019-a268ba7b23)NessusFedora Local Security Checks
medium
132781Fedora 30 : python36 (2019-7ec5bb5d22)NessusFedora Local Security Checks
medium
132465NewStart CGSL CORE 5.04 / MAIN 5.04 : python Vulnerability (NS-SA-2019-0260)NessusNewStart CGSL Local Security Checks
medium
132188EulerOS 2.0 SP3 : python (EulerOS-SA-2019-2653)NessusHuawei Local Security Checks
medium
131596EulerOS 2.0 SP2 : python (EulerOS-SA-2019-2442)NessusHuawei Local Security Checks
medium
130943SUSE SLES12 Security Update : python (SUSE-SU-2019:2748-2)NessusSuSE Local Security Checks
medium
130886openSUSE Security Update : python3 (openSUSE-2019-2453)NessusSuSE Local Security Checks
medium
130824EulerOS 2.0 SP8 : python3 (EulerOS-SA-2019-2115)NessusHuawei Local Security Checks
medium
130823EulerOS 2.0 SP8 : python2 (EulerOS-SA-2019-2114)NessusHuawei Local Security Checks
medium
130797Fedora 29 : python35 (2019-d202cda4f8)NessusFedora Local Security Checks
medium
130793Fedora 30 : python35 (2019-b06ec6159b)NessusFedora Local Security Checks
medium
130790Fedora 29 : python2 / python2-docs (2019-758824a3ff)NessusFedora Local Security Checks
medium
130789Fedora 30 : python2 / python2-docs (2019-74ba24605e)NessusFedora Local Security Checks
medium
130784Fedora 31 : python35 (2019-57462fa10d)NessusFedora Local Security Checks
medium
130776Fedora 31 : python2 / python2-docs (2019-0d3fcae639)NessusFedora Local Security Checks
medium
130687EulerOS 2.0 SP5 : python (EulerOS-SA-2019-2225)NessusHuawei Local Security Checks
medium
130579openSUSE Security Update : python3 (openSUSE-2019-2438)NessusSuSE Local Security Checks
medium
130388SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2019:2802-1)NessusSuSE Local Security Checks
medium
130339openSUSE Security Update : python (openSUSE-2019-2393)NessusSuSE Local Security Checks
medium
130337openSUSE Security Update : python (openSUSE-2019-2389)NessusSuSE Local Security Checks
medium
130193SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2019:2748-1)NessusSuSE Local Security Checks
medium
130164SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2019:2743-1)NessusSuSE Local Security Checks
medium
130115Photon OS 2.0: Python3 PHSA-2019-2.0-0182NessusPhotonOS Local Security Checks
medium
130114Photon OS 2.0: Python2 PHSA-2019-2.0-0182NessusPhotonOS Local Security Checks
medium
130103Photon OS 3.0: Python2 PHSA-2019-3.0-0035NessusPhotonOS Local Security Checks
medium
129774Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : python2.7, python3.5, python3.6, python3.7 vulnerabilities (USN-4151-1)NessusUbuntu Local Security Checks
medium