#VU25542 Improper access control in PyYAML - CVE-2019-20477

Cybersecurity Help s.r.o.

Published: 2020-02-24

Vulnerability identifier: #VU25542

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2019-20477

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PyYAML
Web applications / Modules and components for CMS

Vendor: The YAML Project

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the "load" and "load_all" functions. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

PyYAML: 5.1

External links
https://github.com/yaml/pyyaml/blob/master/CHANGES
https://www.exploit-db.com/download/47655
https://github.com/yaml/pyyaml/issues/265

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Anolis OS update for python38:3.8 module

Red Hat Enterprise Linux 8 update for the python38:3.8 module

Improper Access Control in PyYAML component for Python