CVE-2022-21699

Execution with Unnecessary Privileges in ipython

Severity Score

8.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade.

IPython (Interactive Python) es un shell de comandos para la computación interactiva en múltiples lenguajes de programación, desarrollado originalmente para el lenguaje de programación Python. Las versiones afectadas están sujetas a una vulnerabilidad de ejecución de código arbitrario conseguida al no administrar apropiadamente los archivos temporales de los usuarios. Esta vulnerabilidad permite a un usuario ejecutar código como otro en la misma máquina. Se recomienda a todos los usuarios que actualicen

It was discovered that IPython incorrectly processed REST API POST requests. An attacker could possibly use this issue to launch a cross-site request forgery attack and leak user's sensitive information. This issue only affected Ubuntu 14.04 ESM. It was discovered that IPython did not properly manage cross user temporary files. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-11-16 CVE Reserved
2022-01-19 CVE Published
2024-08-03 CVE Updated
2024-08-03 First Exploit
2024-12-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-250: Execution with Unnecessary Privileges
CWE-269: Improper Privilege Management
CWE-279: Incorrect Execution-Assigned Permissions

CAPEC

References (6)

URL	Tag	Source
https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699	Release Notes
https://lists.debian.org/debian-lts-announce/2022/01/msg00021.html	Mailing List

URL	Date	SRC
https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x	2024-08-03

URL	Date	SRC
https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668	2023-11-07

URL	Date	SRC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRQRTWHYXMLDJ572VGVUZMUPEOTPM3KB	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZ7LVZBB4D7KVSFNEQUBEHFO3JW6D2ZK	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ipython Search vendor "Ipython"		Ipython Search vendor "Ipython" for product "Ipython"				<= 5.10.0 Search vendor "Ipython" for product "Ipython" and version " <= 5.10.0"		-		Affected
Ipython Search vendor "Ipython"		Ipython Search vendor "Ipython" for product "Ipython"				>= 6.0.0 < 7.16.3 Search vendor "Ipython" for product "Ipython" and version " >= 6.0.0 < 7.16.3"		-		Affected
Ipython Search vendor "Ipython"		Ipython Search vendor "Ipython" for product "Ipython"				>= 7.17.0 < 7.31.1 Search vendor "Ipython" for product "Ipython" and version " >= 7.17.0 < 7.31.1"		-		Affected
Ipython Search vendor "Ipython"		Ipython Search vendor "Ipython" for product "Ipython"				>= 8.0.0 < 8.0.1 Search vendor "Ipython" for product "Ipython" and version " >= 8.0.0 < 8.0.1"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				34 Search vendor "Fedoraproject" for product "Fedora" and version "34"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				35 Search vendor "Fedoraproject" for product "Fedora" and version "35"		-		Affected