Vulnerabilities > CVE-2017-5992 - XXE vulnerability in Python Openpyxl 2.4.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
HIGH Summary
Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-202.NASL description This update for python3-openpyxl fixes one security issue : - CVE-2017-5992: Prevent resolving external entities by default, which allowed remote attackers to conduct XXE attacks via a crafted .xlsx document (bsc#1025592). last seen 2020-06-05 modified 2018-02-23 plugin id 106963 published 2018-02-23 reporter This script is Copyright (C) 2018-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/106963 title openSUSE Security Update : python3-openpyxl (openSUSE-2018-202) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2018-202. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(106963); script_version("3.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-5992"); script_name(english:"openSUSE Security Update : python3-openpyxl (openSUSE-2018-202)"); script_summary(english:"Check for the openSUSE-2018-202 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for python3-openpyxl fixes one security issue : - CVE-2017-5992: Prevent resolving external entities by default, which allowed remote attackers to conduct XXE attacks via a crafted .xlsx document (bsc#1025592)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1025592" ); script_set_attribute( attribute:"solution", value:"Update the affected python3-openpyxl package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-openpyxl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"patch_publication_date", value:"2018/02/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/02/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( rpm_check(release:"SUSE42.3", reference:"python3-openpyxl-2.2.4-7.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python3-openpyxl"); }
NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-44.NASL description This update for python-openpyxl fixes one issue. This security issue was fixed : - CVE-2017-5992: Prevent resolving external entities by default, which allowed remote attackers to conduct XXE attacks via a crafted .xlsx document (bsc#1025592). last seen 2020-06-05 modified 2018-01-16 plugin id 106071 published 2018-01-16 reporter This script is Copyright (C) 2018-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/106071 title openSUSE Security Update : python-openpyxl (openSUSE-2018-44) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2018-44. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(106071); script_version("3.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-5992"); script_name(english:"openSUSE Security Update : python-openpyxl (openSUSE-2018-44)"); script_summary(english:"Check for the openSUSE-2018-44 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for python-openpyxl fixes one issue. This security issue was fixed : - CVE-2017-5992: Prevent resolving external entities by default, which allowed remote attackers to conduct XXE attacks via a crafted .xlsx document (bsc#1025592)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1025592" ); script_set_attribute( attribute:"solution", value:"Update the affected python-openpyxl package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-openpyxl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"patch_publication_date", value:"2018/01/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.2|SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.2 / 42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( rpm_check(release:"SUSE42.2", reference:"python-openpyxl-2.2.2-4.5.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"python-openpyxl-2.2.2-7.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python-openpyxl"); }
References
- http://www.openwall.com/lists/oss-security/2017/02/07/5
- http://www.openwall.com/lists/oss-security/2017/02/07/5
- https://bitbucket.org/openpyxl/openpyxl/commits/3b4905f428e1
- https://bitbucket.org/openpyxl/openpyxl/commits/3b4905f428e1
- https://bitbucket.org/openpyxl/openpyxl/issues/749
- https://bitbucket.org/openpyxl/openpyxl/issues/749
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854442
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854442