CVE-2021-29921
python-ipaddress: Improper input validation of octal strings
Public Exploits: 2
Exploited in Wild: -
Decision: -
Descriptions
In Python before 3.9.5 (and 3.8 before 3.8.12), the ipaddress library mishandles leading zero characters in the octets of an IP address string: an octet such as "012" is read as decimal 12, whereas inet_aton()-style parsers in C libraries, browsers and command-line clients read a leading 0 as octal and get 10. This (in some situations) allows attackers to bypass access control that is based on IP addresses, because the address that is validated is not the address that is later used.
A flaw was found in python-ipaddress. Improper input validation of octal strings in stdlib ipaddress allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress. The highest threat from this vulnerability is to data integrity and system availability.
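The parser disagreement behind this CVE, as an added example that is not code from CPython or from the advisories referenced on this page. `parse_decimal_octets()` reproduces the pre-fix ipaddress rule (digits only, at most three characters, read as base 10), `parse_inet_aton_style()` models the BSD/glibc `inet_aton()` reading of the same four-part string (leading 0 is octal, 0x is hex; the shorter a.b.c, a.b and a forms are left out), and `naive_guard()` / `check_egress()` are hypothetical SSRF guards: the first validates one reading and dials another, the second refuses any string that is not strict dotted-decimal before consulting the deny list. The deny list and the sample hosts are constructed for the example.

```python
"""Added example (not CPython code): the octet-parsing disagreement behind
CVE-2021-29921, and a strict pre-check that closes it.  All function names
below are this example's own."""
import ipaddress
import re

# Strict dotted-decimal: four octets, no leading zero unless the octet is "0".
# This is the only IPv4 text form that every common parser reads the same way.
_STRICT_OCTET = r"(?:0|[1-9][0-9]{0,2})"
_STRICT_IPV4 = re.compile(r"^%s(?:\.%s){3}$" % (_STRICT_OCTET, _STRICT_OCTET))

# One component as C's inet_aton() (strtoul with base 0) reads it:
# 0x1f is hex, 017 is octal, 17 is decimal; anything else is rejected.
_C_TOKEN = re.compile(r"^(?:0[xX][0-9a-fA-F]+|0[0-7]*|[1-9][0-9]*)$")


def is_strict_dotted_decimal(text):
    return _STRICT_IPV4.match(text) is not None


def parse_decimal_octets(text):
    """Pre-fix ipaddress rule (before 3.9.5 / 3.8.12): each octet must be
    1-3 ASCII digits, value <= 255, always read as base 10, so "012" is 12.
    Returns the canonical dotted-decimal string."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("expected four octets")
    octets = []
    for p in parts:
        if not (p.isdigit() and p.isascii()) or len(p) > 3 or int(p, 10) > 255:
            raise ValueError("bad octet %r" % p)
        octets.append(int(p, 10))
    return ".".join(map(str, octets))


def _c_component(tok):
    if not _C_TOKEN.match(tok):
        raise ValueError("bad component %r" % tok)
    if tok[:2].lower() == "0x":
        return int(tok[2:], 16)
    if len(tok) > 1 and tok[0] == "0":
        return int(tok, 8)
    return int(tok, 10)


def parse_inet_aton_style(text):
    """inet_aton()-style reading of the four-part form: a leading 0 means
    octal, 0x means hex, so "012" is 10 and "0x7f" is 127.  The a.b.c, a.b
    and a shorthand forms that inet_aton also accepts are not modelled."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("only the a.b.c.d form is modelled here")
    octets = [_c_component(p) for p in parts]
    if any(o > 255 for o in octets):
        raise ValueError("component out of range")
    return ".".join(map(str, octets))


def stdlib_view(text):
    """What the running interpreter's ipaddress makes of the string; None if
    it rejects it (fixed versions raise ValueError on a leading zero)."""
    try:
        return str(ipaddress.IPv4Address(text))
    except ValueError:
        return None


def _denied(addr_text, denied_networks):
    addr = ipaddress.IPv4Address(addr_text)
    return any(addr in ipaddress.IPv4Network(n) for n in denied_networks)


def naive_guard(host, denied_networks):
    """The vulnerable pattern: check the decimal reading against the deny
    list, then pass the original string on to the socket layer.  Returns
    (allowed, address the guard checked, address inet_aton would dial)."""
    try:
        checked = parse_decimal_octets(host)
    except ValueError:
        return (False, None, None)
    try:
        dialed = parse_inet_aton_style(host)
    except ValueError:
        dialed = None
    return (not _denied(checked, denied_networks), checked, dialed)


def check_egress(host, denied_networks):
    """Hardened guard: refuse anything that is not strict dotted-decimal, so
    no downstream parser can read it differently, then apply the deny list.
    Returns (allowed, reason)."""
    if not is_strict_dotted_decimal(host):
        return (False, "ambiguous or malformed address")
    try:
        addr = ipaddress.IPv4Address(host)
    except ValueError:
        return (False, "ambiguous or malformed address")
    for n in denied_networks:
        if addr in ipaddress.IPv4Network(n):
            return (False, "%s is in %s" % (addr, n))
    return (True, str(addr))


if __name__ == "__main__":
    # Constructed deny list and sample hosts for the demonstration.
    DENY = ["10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16"]
    for host in ("012.0.0.1", "010.8.8.8", "0177.0.0.1", "0x7f.0.0.1", "8.8.8.8"):
        print(host, "ipaddress:", stdlib_view(host),
              "naive:", naive_guard(host, DENY), "strict:", check_egress(host, DENY))
```

With the constructed deny list, `naive_guard("012.0.0.1", ...)` reports the request as allowed because it checked 12.0.0.1, while the same string dialled through inet_aton reaches 10.0.0.1; the pre-fix parser also rejected four-character octets such as "0177", which is why the bypass needed a three-character form. On a fixed interpreter `stdlib_view("012.0.0.1")` returns None, but the strict pre-check in `check_egress()` is still worth keeping, since the string is usually handed on to resolvers and HTTP clients that apply their own parsing rules regardless of what ipaddress accepts.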
SSVC
- Decision: -
Timeline
- 2021-04-01 CVE Reserved
- 2021-05-06 CVE Published
- 2024-01-20 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
References (18)
URL | Tag | Date
---|---|---
https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst | Third Party Advisory |
https://github.com/sickcodes | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210622-0003 | Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | |
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md | | 2024-08-03
https://sick.codes/sick-2021-014 | | 2024-08-03
https://bugs.python.org/issue36384 | | 2023-05-03
https://github.com/python/cpython/pull/12577 | | 2023-05-03
https://github.com/python/cpython/pull/25099 | | 2023-05-03
https://www.oracle.com//security-alerts/cpujul2021.html | | 2023-05-03
https://www.oracle.com/security-alerts/cpuapr2022.html | | 2023-05-03
https://www.oracle.com/security-alerts/cpujan2022.html | | 2023-05-03
https://www.oracle.com/security-alerts/cpuoct2021.html | | 2023-05-03
https://docs.python.org/3/library/ipaddress.html | | 2023-05-03
https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html | | 2023-05-03
https://security.gentoo.org/glsa/202305-02 | | 2023-05-03
https://access.redhat.com/security/cve/CVE-2021-29921 | | 2021-11-09
https://bugzilla.redhat.com/show_bug.cgi?id=1957458 | | 2021-11-09
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Python | Python | >= 3.8.0 < 3.8.12 | - | Affected
Python | Python | >= 3.9.0 < 3.9.5 | - | Affected
Oracle | Communications Cloud Native Core Automated Test Suite | 1.8.0 | - | Affected
Oracle | Communications Cloud Native Core Binding Support Function | 1.11.0 | - | Affected
Oracle | Communications Cloud Native Core Network Slice Selection Function | 1.8.0 | - | Affected
Oracle | Graalvm | 20.3.2 | enterprise | Affected
Oracle | Graalvm | 21.1.0 | enterprise | Affected
Oracle | Zfs Storage Appliance Kit | 8.8 | - | Affected