Python Unsupported Version Detection
Change
A new Nessus plugin is being introduced that will detect unsupported versions of Python running on web servers detected by 122364, and that will also attempt to detect backported versions.
This new plugin name will be “Python Unsupported Version Detection” and this post will be updated with the plugin ID once the plugin is published to the feed. Update: The plugin ID is 148367.
Impact
Customers should expect to see additional vulnerability findings of unsupported versions of Python running on web servers.
Plugin
148367 - Python Unsupported Version Detection
Target Release Date
7 April 2021
Released in feed 202104080559
---------------------------------------------------------------------------------------------------
Tenable Research Release Highlights are posted in advance of significant new releases or updates to existing plugins or audit files that are important for early customer notification.
3 Replies
- cromptonra (Connect Rookie)
This plugin doesn't seem to take backported security fixes into account for RHEL 7 and RHEL 8 systems running Python applications. Python 3.6.8, while not supported by Python any longer, is supported and maintained by Red Hat, but patched RHEL 7/8 systems are still flagged as being vulnerable due to EOL Python.
Hello @Rich Crompton. Please contact Tenable Technical Support with this suggestion so that we can better assist and prioritize this improvement to our Python detection.
- cromptonra (Connect Rookie)
Thank you, Greg. We just went through Technical Support, who said the plugin is working as expected. I was hoping to gain traction here or in the Suggestions area, where this was brought up as not functioning correctly (https://suggestions.tenable.com/ideas/RES-I-598). All RHEL 7 systems (although they'll only be around a few more months) and most RHEL 8 systems that run a Python web service will show as vulnerable, when they're running the latest Red Hat-patched Python.