CVE-2022-26488
Published Mar 10, 2022
Last updated a year ago
Overview
- Description
- In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.4
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-426
Configurations
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          { "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E05F88A-70C2-4DB6-9CCC-1D599AD26D4C", "versionEndIncluding": "3.7.12" },
          { "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E80CA0FB-E708-4E92-BF36-7267F799FF8D", "versionEndIncluding": "3.8.12", "versionStartIncluding": "3.8.0" },
          { "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD4B9F29-F505-4721-A630-C75103942F29", "versionEndIncluding": "3.9.10", "versionStartIncluding": "3.9.0" },
          { "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5B55D1D-031C-4006-A368-BB66C2057916", "versionEndIncluding": "3.10.2", "versionStartIncluding": "3.10.0" },
          { "criteria": "cpe:2.3:a:python:python:3.11.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "514A577E-5E60-40BA-ABD0-A8C5EB28BD90" },
          { "criteria": "cpe:2.3:a:python:python:3.11.0:alpha2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83B71795-9C81-4E5F-967C-C11808F24B05" },
          { "criteria": "cpe:2.3:a:python:python:3.11.0:alpha3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F6F71F3-299E-4A4B-ADD1-EAD5A1D433E2" },
          { "criteria": "cpe:2.3:a:python:python:3.11.0:alpha4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9BBF4E9-EA54-41B5-948E-8E3D2660B7EF" },
          { "criteria": "cpe:2.3:a:python:python:3.11.0:alpha5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEBFDCE7-81D4-4741-BB88-12C704515F5C" },
          { "criteria": "cpe:2.3:a:python:python:3.11.0:alpha6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "156EB4C2-EFB7-4CEB-804D-93DB62992A63" }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          { "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE" },
          { "criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797" }
        ],
        "operator": "OR"
      }
    ]
  }
]