Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.R_LANG_CVE-2024-27322.NASLHistoryMay 09, 2024 - 12:00 a.m.
R Programming Language 1.4.0 < 4.4.0 Insecure Deserialization
2024-05-0900:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
31
r programming language
insecure deserialization
1.4.0
4.4.0
remote host
vulnerability
arbitrary code
nessus scanner
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.9
Confidence
Low
EPSS
0
Percentile
10.3%
The version of the R Programming Language running on the remote host is 1.4.0 or later, before 4.4.0. It is, therefore, affected by an insecure deserialization vulnerability. Deserialization of untrusted data can occur, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user’s system when interacted with.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(195217);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/10");
script_cve_id("CVE-2024-27322");
script_xref(name:"IAVA", value:"2024-A-0268");
script_name(english:"R Programming Language 1.4.0 < 4.4.0 Insecure Deserialization");
script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote Windows host is affected by an insecure deserialization vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of the R Programming Language running on the remote host is 1.4.0 or later, before 4.4.0. It is, therefore,
affected by an insecure deserialization vulnerability. Deserialization of untrusted data can occur, enabling a
maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user's system
when interacted with.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://hiddenlayer.com/research/r-bitrary-code-execution/");
script_set_attribute(attribute:"see_also", value:"https://www.openwall.com/lists/oss-security/2024/04/29/3");
script_set_attribute(attribute:"see_also", value:"https://www.kb.cert.org/vuls/id/238194");
script_set_attribute(attribute:"solution", value:
"Upgrade to R version 4.4.0 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-27322");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/29");
script_set_attribute(attribute:"patch_publication_date", value:"2024/05/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/05/09");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:r-project:r");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("r_lang_win_installed.nbin");
script_require_keys("installed_sw/R Programming Language");
exit(0);
}
include('vcf.inc');
var win_local = FALSE;
if (!empty_or_null(get_kb_item('SMB/Registry/Enumerated')))
win_local = TRUE;
var app_info = vcf::get_app_info(app:'R Programming Language', win_local:win_local);
var constraints = [
{ 'min_version' : '1.4.0', 'fixed_version' : '4.4.0'}
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);Related
nessus
nessus
Fedora 38 : R (2024-bc590cb3f1)
2024-05-09 00:00:00
Amazon Linux AMI : R (ALAS-2024-1940)
2024-06-24 00:00:00
CBL Mariner 2.0 Security Update: R (CVE-2024-27322)
2024-07-03 00:00:00
cvelist
cvelist
CVE-2024-27322
2024-04-29 13:02:37
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-07b7b83a4f)
2024-05-27 00:00:00
Fedora: Security Advisory for R (FEDORA-2024-bc590cb3f1)
2024-05-27 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: R-4.3.3-2.fc39
2024-05-09 02:05:27
[SECURITY] Fedora 38 Update: R-4.3.3-2.fc38
2024-05-09 01:49:21
freebsd
freebsd
R -- arbitrary code execution vulnerability
2024-04-29 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-27322 affecting package R for versions less than 4.4.1-1
2024-07-22 15:42:40
CVE-2024-27322 affecting package R for versions less than 4.1.0-5
2024-06-28 17:07:09
cve
cve
CVE-2024-27322
2024-04-29 13:15:30
vulnrichment
vulnrichment
CVE-2024-27322
2024-04-29 13:02:37
amazon
amazon
Important: R
2024-06-19 18:46:00
osv
osv
CVE-2024-27322
2024-04-29 13:15:30
debiancve
debiancve
CVE-2024-27322
2024-04-29 13:15:30
nvd
nvd
CVE-2024-27322
2024-04-29 13:15:30
veracode
veracode
Arbitrary Code Execution
2024-05-05 14:38:36
cert
cert
thn
thn
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks
2024-04-29 10:50:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.9
Confidence
Low
EPSS
0
Percentile
10.3%
Related for R_LANG_CVE-2024-27322.NASL