CVE-2021-4189

A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.

CVSS v3.0 5.3 MEDIUM

5.3^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e	Patch Third Party Advisory
https://access.redhat.com/security/cve/CVE-2021-4189	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2036020	Issue Tracking Patch Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2021-4189	Third Party Advisory
https://bugs.python.org/issue43285	Patch Vendor Advisory
https://python-security.readthedocs.io/vuln/ftplib-pasv.html	Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20221104-0004/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:python:python::::::::
	cpe:2.3:a:python:python::::::::
	cpe:2.3:a:python:python::::::::
	cpe:2.3:a:python:python::::::::
	cpe:2.3:a:python:python:3.10.0:-::::::

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:a:redhat:software_collections:-:::::::*

Configuration 4 (hide)

cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

Information

Published : 2022-08-24 09:15

Updated : 2022-12-07 19:57

NVD link : CVE-2021-4189

Mitre link : CVE-2021-4189

JSON object : View

CWE

CWE-252

Unchecked Return Value

Products Affected

python

python

redhat

enterprise_linux
software_collections

netapp

ontap_select_deploy_administration_utility

debian

debian_linux

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e", "name": "https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e", "tags": ["Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://access.redhat.com/security/cve/CVE-2021-4189", "name": "https://access.redhat.com/security/cve/CVE-2021-4189", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036020", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2036020", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2021-4189", "name": "https://security-tracker.debian.org/tracker/CVE-2021-4189", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://bugs.python.org/issue43285", "name": "https://bugs.python.org/issue43285", "tags": ["Patch", "Vendor Advisory"], "refsource": "MISC"}, {"url": "https://python-security.readthedocs.io/vuln/ftplib-pasv.html", "name": "https://python-security.readthedocs.io/vuln/ftplib-pasv.html", "tags": ["Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://security.netapp.com/advisory/ntap-20221104-0004/", "name": "https://security.netapp.com/advisory/ntap-20221104-0004/", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-252"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-4189", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}}, "publishedDate": "2022-08-24T16:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.9.3", "versionStartIncluding": "3.9.0"}, {"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.8.9", "versionStartIncluding": "3.8.0"}, {"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.7.11", "versionStartIncluding": "3.7.0"}, {"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.6.14", "versionStartIncluding": "3.6.0"}, {"cpe23Uri": "cpe:2.3:a:python:python:3.10.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-12-08T03:57Z"}

5.3 /10