Vulnerability identifier: #VU30827
Vulnerability risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-331
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Werkzeug
Web applications /
JS libraries
Vendor: The Pallets Projects
Description
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Werkzeug: 0.15.0 - 0.15.2
External links
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00034.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00047.html
http://github.com/pallets/werkzeug/blob/7fef41b120327d3912fbe12fb64f1951496fcf3e/src/werkzeug/debug/__init__.py#L168
http://github.com/pallets/werkzeug/commit/00bc43b1672e662e5e3b8cecd79e67fc968fa246
http://palletsprojects.com/blog/werkzeug-0-15-3-released/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.