Miggo Logo
Miggo Vulnerability Database
CVE-2015-3171

CVE-2015-3171: sosreport sensitive information disclosure via weak permissions of the generated archives

5.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2015-3171
GHSA ID
GHSA-gw46-8559-cggp
EPSS Score
0.10794%
CWE
CWE-200
Published
5/13/2022
Updated
10/25/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
sosreportpip< 3.33.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The GitHub patch shows the vulnerability was fixed by adding umask manipulation in the final_work function. The commit explicitly adds os.umask(0o077) and restores the original umask in a finally block. This indicates the absence of proper umask handling in this function was the root cause. The CVE description directly attributes the issue to weak archive permissions, which aligns with the umask-related code changes in this function.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

sosr*port *.* us*s w**k p*rmissions *or **n*r*t** sosr*port *r**iv*s, w*i** *llows lo**l us*rs wit* ****ss to `/v*r/tmp/` to o*t*in s*nsitiv* in*orm*tion *y r***in* t** *ont*nts o* t** *r**iv*.

Reasoning

T** *it*u* p*t** s*ows t** vuln*r**ility w*s *ix** *y ***in* um*sk m*nipul*tion in t** `*in*l_work` *un*tion. T** *ommit *xpli*itly ***s `os.um*sk(*o***)` *n* r*stor*s t** ori*in*l um*sk in * *in*lly *lo*k. T*is in*i**t*s t** **s*n** o* prop*r um*sk