App Services

Outdated Python Version

Risk Level: Medium

Description

This plugin ensures that the latest version of Python is installed for all App Services. Running the latest version of Python reduces the risk of missing security patches and provides updated features.

Configuration Parameter

Latest Python Version: This parameter denotes that the latest version of Python should be installed for all App Services. An alert will be generated if the Python version is outdated.

By default the value is set to 3.6, so any older version of Python is reported as a vulnerability.
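The comparison this parameter describes, as an added example (not PingSafe's plugin code): the function names are hypothetical, the sample records are constructed, and each record is assumed to carry the app's name plus the Azure site-configuration fields `linuxFxVersion` and `pythonVersion`. Versions are compared numerically, so 3.10 is not mistaken for a version older than 3.6.

```python
import re

LATEST_PYTHON_VERSION = "3.6"  # the plugin's default threshold, per this page


def parse_version(text):
    """Turn '3.10' into (3, 10) so comparison is numeric, not lexical."""
    return tuple(int(p) for p in re.findall(r"\d+", text))


def python_version_of(site_config):
    """Return the Python version an app's config selects, or None if not Python."""
    # Linux apps encode the stack as 'RUNTIME|version' in linuxFxVersion.
    fx = (site_config.get("linuxFxVersion") or "").strip()
    runtime, _, version = fx.partition("|")
    if runtime.upper() == "PYTHON" and version:
        return version
    # Windows apps carry the version in pythonVersion (empty when unused).
    return (site_config.get("pythonVersion") or "").strip() or None


def audit(apps, latest=LATEST_PYTHON_VERSION):
    """Return (name, version) for every Python app older than `latest`."""
    threshold = parse_version(latest)
    findings = []
    for app in apps:
        version = python_version_of(app)
        if version and parse_version(version) < threshold:
            findings.append((app["name"], version))
    return findings


# Constructed sample records (assumed export shape, not real resources).
SAMPLE_APPS = [
    {"name": "api-legacy", "linuxFxVersion": "PYTHON|2.7", "pythonVersion": ""},
    {"name": "api-current", "linuxFxVersion": "PYTHON|3.6", "pythonVersion": ""},
    {"name": "api-new", "linuxFxVersion": "PYTHON|3.10", "pythonVersion": ""},
    {"name": "win-old", "linuxFxVersion": "", "pythonVersion": "3.4"},
    {"name": "node-app", "linuxFxVersion": "NODE|14-lts", "pythonVersion": ""},
]

if __name__ == "__main__":
    for name, version in audit(SAMPLE_APPS):
        print(f"FAIL {name}: Python {version} is older than {LATEST_PYTHON_VERSION}")
```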

About the Service

App Services: Azure App Service hosts web applications, REST APIs and backend services for mobile and web applications. Hosting web apps on Azure lets users focus on managing the application and its data.

Impact 

The latest version of any software comes not only with improved features but also with security patches for loopholes that existed in previous versions. Selecting an older version of the software in the runtime stack therefore gives threat actors a loophole through which to damage and misuse the application's resources and assets.

Steps to Reproduce

  1. Log in to the Azure portal.
  2. Click on App Services.
  3. Select an App Service plan from the listed apps.
  4. Click on Configuration under Settings.
  5. Go to the General settings section.
  6. Under Stack settings, if the Stack is set to Python, check the version that is set. If it is an older version, go to the Steps for Remediation section to resolve the issue.

Steps for Remediation

  1. Log in to the Azure portal.
  2. Click on App Services.
  3. Select an App Service plan from the listed apps.
  4. Click on Configuration under Settings.
  5. Go to the General settings section.
  6. Under Stack settings, if the Stack is set to Python, check the version that is set. If the value is set to an older version, click the drop-down menu next to the Python version and select the latest available version.

NOTE: As of November 27, 2021, the latest available version for Python is 3.6.

Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

Thanks

PingSafe Support