#VU23000 Information disclosure in Jinja - CVE-2016-10745

Cybersecurity Help s.r.o.

Published: 2019-11-26

Vulnerability identifier: #VU23000

Vulnerability risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-10745

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Jinja
Web applications / Modules and components for CMS

Vendor: The Pallets Projects

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to information disclosure in str.format in Pallets Jinja. A remote attacker can gain unauthorized access to sensitive information and use it to escape sandbox.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Jinja: 2.0 - 2.8

External links
https://access.redhat.com/errata/RHSA-2019:1022
https://access.redhat.com/errata/RHSA-2019:1237
https://access.redhat.com/errata/RHSA-2019:1260
https://github.com/pallets/jinja/commit/9b53045c34e61013dc8f09b7e52a555fa16bed16
https://palletsprojects.com/blog/jinja-281-released/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM QRadar Assistant

Multiple vulnerabilities in Dell PowerStore Family

Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)

Red Hat update for python-jinja2

Red Hat Software Collections update for python27-python and python27-python-jinja2

Red Hat Software Collections update for rh-python35-python-jinja2

Sendbox escape in Pallets Jinja