Vulnerabilites related to redhat - ansible_engine
Vulnerability from fkie_nvd
Published
2018-07-26 14:29
Modified
2024-11-21 02:59
Severity ?
Summary
An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1685 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible-modules-core/pull/5388 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible-modules-core/pull/5388 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | virtualization | 4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F5A819-05F9-4863-A5FD-7564C5DC8858", versionEndExcluding: "2.2.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*", matchCriteriaId: "03EB0F63-DB24-4240-BC44-C92BAE7EAF42", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.", }, { lang: "es", value: "Se ha detectado una vulnerabilidad de validación de entradas en el módulo mysql_user de Ansible en versiones anteriores a la 2.2.1.0, el cual puede fallar a la hora de cambiar correctamente una contraseña en determinadas circunstancias. Entonces, la contraseña anterior seguiría activa cuando se debería haber cambiado.", }, ], id: "CVE-2016-8647", lastModified: "2024-11-21T02:59:45.527", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.2, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 0.7, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-26T14:29:00.267", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1685", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/ansible/ansible-modules-core/pull/5388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1685", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/ansible/ansible-modules-core/pull/5388", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-08 19:15
Modified
2024-11-21 04:27
Severity ?
Summary
In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | leap | 15.1 | |
| redhat | openstack | 13 | |
| redhat | ansible_engine | 2.0 | |
| redhat | ansible_engine | 2.8.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "07DA4289-FB39-4AE8-AD1D-723C274E6E62", versionEndExcluding: "2.6.20", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "9C993B5F-1D91-4896-8986-1DC8057205A2", versionEndExcluding: "2.7.14", versionStartIncluding: "2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "92DA252C-496A-4006-9D48-A4AF30459F95", versionEndExcluding: "2.8.6", versionStartIncluding: "2.8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", matchCriteriaId: "40513095-7E6E-46B3-B604-C926F1BA3568", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8989CD03-49A1-4831-BF98-9F21592788BE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.8.0:*:*:*:*:*:*:*", matchCriteriaId: "8875E85C-22EB-4950-BDC0-D34488D87863", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*", matchCriteriaId: "B0FEFCDD-A212-4525-B449-2C4A00A0D2E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", }, { lang: "es", value: "En Ansible, todas las versiones de Ansible Engine hasta ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, se registraban en el nivel DEBUG, lo que conlleva a la divulgación de credenciales si un plugin usó una biblioteca que registraba credenciales en el nivel DEBUG. Este defecto no afecta a los módulos de Ansible, ya que son ejecutados en un proceso separado.", }, ], id: "CVE-2019-14846", lastModified: "2024-11-21T04:27:29.307", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.3, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-08T19:15:10.400", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/63366", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/63366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-117", }, { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-12 18:15
Modified
2024-11-21 05:11
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Summary
A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible/pull/67866 | Patch, Third Party Advisory | |
| secalert@redhat.com | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible/pull/67866 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "8C0375B0-E0E4-4132-B985-2DB223E70D83", versionEndExcluding: "2.7.17", versionStartIncluding: "2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "8700FFBF-0D48-4633-AAB2-DB49729D92C6", versionEndExcluding: "2.8.11", versionStartIncluding: "2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "9CB17437-BAA5-41DF-B0EB-857441A81804", versionEndExcluding: "2.9.7", versionStartIncluding: "2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "F5C0F920-A505-452D-AFAA-AE6C20FB25EF", versionEndIncluding: "3.4.5", versionStartIncluding: "3.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "F2062F74-68D8-4E75-BC69-6038B519F823", versionEndIncluding: "3.5.5", versionStartIncluding: "3.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "342D4A63-0972-413B-BD65-0495DBF1CDFB", versionEndIncluding: "3.6.3", versionStartIncluding: "3.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", }, { lang: "es", value: "Se detectó un fallo en el Ansible Engine que afectaba a las versiones 2.7.x anteriores a 2.7.17 y versiones 2.8.x anteriores a 2.8.11 y versiones 2.9.x anteriores a 2.9.7 así como en Ansible Tower versiones anteriores e incluyendo a 3.4.5 y 3.5.5 y 3.6.3, cuando son usados los módulos de la comunidad ldap_attr y ldap_entry. El problema revela la contraseña de enlace de LDAP en stdout o un archivo de registro si una tarea del playbook se escribe usando el bind_pw en el campo parameters. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos.", }, ], id: "CVE-2020-1746", lastModified: "2024-11-21T05:11:17.757", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-12T18:15:13.600", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/67866", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/67866", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-16 15:15
Modified
2024-11-21 05:11
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "5E4045B1-4A8F-4D7F-96CD-E71F9389975C", versionEndExcluding: "2.7.18", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "8700FFBF-0D48-4633-AAB2-DB49729D92C6", versionEndExcluding: "2.8.11", versionStartIncluding: "2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "9CB17437-BAA5-41DF-B0EB-857441A81804", versionEndExcluding: "2.9.7", versionStartIncluding: "2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "C3C5721F-050A-42A3-A71D-6C6BA23D58FE", versionEndIncluding: "3.3.4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "F5C0F920-A505-452D-AFAA-AE6C20FB25EF", versionEndIncluding: "3.4.5", versionStartIncluding: "3.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "F2062F74-68D8-4E75-BC69-6038B519F823", versionEndIncluding: "3.5.5", versionStartIncluding: "3.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "342D4A63-0972-413B-BD65-0495DBF1CDFB", versionEndIncluding: "3.6.3", versionStartIncluding: "3.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", }, { lang: "es", value: "Se detectó un fallo de seguridad en Ansible Engine, todas las versiones de Ansible 2.7.x anteriores a 2.7.17, todas las versiones de Ansible 2.8.x anteriores a 2.8.11 y todas las versiones de Ansible 2.9.x anteriores a 2.9.7, cuando se administra kubernetes usando el módulo k8s. Los parámetros confidenciales, tales como contraseñas y tokens, son pasados a kubectl desde la línea de comandos, sin utilizar una variable de entorno o un archivo de configuración de entrada. Esto revelará contraseñas y tokens de la lista de procesos y la directiva no_log del módulo de depuración no tendría ningún efecto al hacer que estos secretos sean divulgados en los archivos stdout y log.", }, ], id: "CVE-2020-1753", lastModified: "2024-11-21T05:11:18.810", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-16T15:15:13.333", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/ansible-collections/kubernetes/pull/51", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-11", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/ansible-collections/kubernetes/pull/51", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, { lang: "en", value: "CWE-214", }, { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-03 22:15
Modified
2024-11-21 05:11
Severity ?
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
Summary
A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible/issues/67792 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible/issues/67792 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | 2.8.8 | |
| redhat | ansible_engine | 2.9.5 | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | 3.4.5 | |
| redhat | ansible_tower | 3.5.5 | |
| redhat | ansible_tower | 3.6.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "2E713A0F-6AD3-409E-87AA-DE7EB5B7525C", versionEndIncluding: "2.7.16", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.8.8:*:*:*:*:*:*:*", matchCriteriaId: "CDC2F2BC-209D-4FA4-B1E1-E486DE8AC48B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.9.5:*:*:*:*:*:*:*", matchCriteriaId: "8599992B-8847-4332-80CC-F98FA4125272", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "C3C5721F-050A-42A3-A71D-6C6BA23D58FE", versionEndIncluding: "3.3.4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:3.4.5:*:*:*:*:*:*:*", matchCriteriaId: "16776B7F-83E9-4918-94D8-60CA0F96F870", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:3.5.5:*:*:*:*:*:*:*", matchCriteriaId: "8FE9389E-3129-4A14-96CA-5113BD09AD10", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:3.6.3:*:*:*:*:*:*:*", matchCriteriaId: "E695D048-7109-4840-8DE1-59AC1690E667", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", }, { lang: "es", value: "Se encontró un fallo en el plugin pipe lookup de ansible. Los comandos arbitrarios se pueden ejecutar, cuando el plugin pipe lookup utiliza la función subprocess.Popen() con shell=True, al sobrescribir los datos de ansible y la variable no se escapa mediante el plugin citado. Un atacante podría tomar ventaja y ejecutar comandos arbitrarios al sobrescribir los datos de ansible.", }, ], id: "CVE-2020-1734", lastModified: "2024-11-21T05:11:16.197", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-03T22:15:10.843", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/ansible/ansible/issues/67792", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/ansible/ansible/issues/67792", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-14 15:15
Modified
2024-11-21 04:27
Severity ?
Summary
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_tower | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "C689B946-650A-48FB-AB0E-A2522EFD5B44", versionEndIncluding: "2.8.0", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "08AAE3CE-F683-4811-9F05-C64353DAEDC9", versionEndIncluding: "3.5.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", }, { lang: "es", value: "Se detectó una vulnerabilidad en Ansible engine versión 2.x hasta 2.8 y Ansible tower versión 3.x hasta 3.5. Cuando un módulo tiene un argumento_spec con subparámetros marcados como no_log, pasar un nombre de parámetro no válido al módulo hará que la tarea falle antes de que se procesen las opciones no_log en los subparámetros. Como resultado, los datos en los campos de subparámetro no se enmascararán y se mostrarán si Ansible se ejecuta con mayor detalle y está presente en los argumentos de invocación del módulo para la tarea.", }, ], id: "CVE-2019-14858", lastModified: "2024-11-21T04:27:30.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.3, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-14T15:15:09.927", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-117", }, { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-11 18:15
Modified
2024-11-21 05:03
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible/pull/71033 | Patch, Third Party Advisory | |
| secalert@redhat.com | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible/pull/71033 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "DED70659-F9F7-4B00-B91D-7FA5F4A6D8F7", versionEndExcluding: "2.8.14", versionStartIncluding: "2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "F214846C-DD19-4EB0-8402-77F122989C35", versionEndExcluding: "2.9.12", versionStartIncluding: "2.9.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", }, { lang: "es", value: "Se encontró un fallo en Ansible Engine al usar module_args. Las tareas ejecutadas con el modo de verificación (--check-mode) no neutralizan apropiadamente los datos confidenciales expuestos en los datos del evento. Este fallo permite a usuarios no autorizados leer estos datos. La mayor amenaza de esta vulnerabilidad es la confidencialidad", }, ], id: "CVE-2020-14332", lastModified: "2024-11-21T05:03:01.780", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-11T18:15:13.303", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/71033", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/71033", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-117", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-23 15:29
Modified
2024-11-21 03:53
Severity ?
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | 2.0 | |
| redhat | ansible_engine | 2.5 | |
| redhat | ansible_engine | 2.6 | |
| redhat | ansible_engine | 2.7 | |
| redhat | ansible_tower | 3.3.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| suse | package_hub | - | |
| suse | linux_enterprise | 12.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8989CD03-49A1-4831-BF98-9F21592788BE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*", matchCriteriaId: "4C5A40D5-4DF7-43D9-962E-1529D2DF198D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*", matchCriteriaId: "13BACD7C-AC7E-4D86-8D9B-ABB614005D0C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.7:*:*:*:*:*:*:*", matchCriteriaId: "9B2073BF-90F8-4B22-97C4-7D6D4E852E46", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:3.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5817E2DF-3920-4886-A709-C51A70A6B7AD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", matchCriteriaId: "284A8DA0-317B-4BBE-AECB-7E91BBF0DD3B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", matchCriteriaId: "CBC8B78D-1131-4F21-919D-8AC79A410FB9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", }, { lang: "es", value: "El módulo \"User\" de Ansible filtra cualquier dato que se pasa como parámetro a ssh-keygen. Esto podría desembocar en situaciones no deseadas como el paso de credenciales de frase de contraseña como parámetro para el ejecutable ssh-keygen. Las credenciales se muestran en texto claro a cada usuario con acceso solo a la lista de procesos.", }, ], id: "CVE-2018-16837", lastModified: "2024-11-21T03:53:24.797", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-23T15:29:00.607", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105700", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3460", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3461", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3462", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3463", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3505", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html", }, { source: "secalert@redhat.com", url: "https://usn.ubuntu.com/4072-1/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { source: "nvd@nist.gov", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2018-16837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105700", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3460", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3461", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3462", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3463", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/4072-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4396", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-214", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-311", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-11 18:15
Modified
2024-11-21 05:03
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible/issues/68400 | Exploit, Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible/issues/68400 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "4AA51D54-94D6-4A3C-AD5B-190C68C5C5AE", versionEndExcluding: "2.9.12", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", }, { lang: "es", value: "Se encontró un fallo de Neutralización de Salida Inapropiada para Registros en Ansible al usar el módulo uri, donde los datos confidenciales están expuestos en contenido y salida json. Este fallo permite a un atacante acceder a los registros o salidas de las tareas realizadas para leer las claves usadas en los libros de jugadas de otros usuarios dentro del módulo uri. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos", }, ], id: "CVE-2020-14330", lastModified: "2024-11-21T05:03:01.510", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-11T18:15:13.147", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/issues/68400", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/issues/68400", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-29 16:15
Modified
2024-11-21 05:46
Severity ?
Summary
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1925002 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible/pull/73487 | Patch, Third Party Advisory | |
| secalert@redhat.com | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1925002 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible/pull/73487 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | 2.9.18 | |
| redhat | ansible_automation_platform | 1.2 | |
| redhat | ansible_engine | 2.0 | |
| redhat | ansible_engine | 2.9 | |
| redhat | ansible_tower | 3.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:2.9.18:*:*:*:*:*:*:*", matchCriteriaId: "0966CDD1-4D3E-4994-A75D-B81E3DB957AE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_automation_platform:1.2:*:*:*:*:*:*:*", matchCriteriaId: "CBA4F8F3-6FC3-4ADD-BB96-A707E94AB0AB", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8989CD03-49A1-4831-BF98-9F21592788BE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.9:*:*:*:*:*:*:*", matchCriteriaId: "031BA68C-C515-4F22-BB63-751767E1123E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B31C575C-06D2-4CAF-A5B7-B9469B3ED55F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", }, { lang: "es", value: "Se encontró un fallo en Ansible Engine versión 2.9.18, donde la información confidencial no está enmascarada por defecto y no está protegida por la funcionalidad no_log cuando se usa la funcionalidad sub-option del módulo basic.py. Este fallo permite a un atacante obtener información confidencial. La mayor amenaza de esta vulnerabilidad es la confidencialidad", }, ], id: "CVE-2021-20228", lastModified: "2024-11-21T05:46:10.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-29T16:15:09.737", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/73487", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/73487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-02 13:29
Modified
2024-11-21 03:42
Severity ?
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | 2.0 | |
| redhat | ansible_engine | 2.4 | |
| redhat | ansible_engine | 2.5 | |
| redhat | ansible_engine | 2.6 | |
| redhat | openstack | 10 | |
| redhat | openstack | 12 | |
| redhat | openstack | 13 | |
| redhat | virtualization | 4.0 | |
| redhat | virtualization_host | 4.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8989CD03-49A1-4831-BF98-9F21592788BE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*", matchCriteriaId: "5864D753-2A37-4800-A73E-6ACA0662B605", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*", matchCriteriaId: "4C5A40D5-4DF7-43D9-962E-1529D2DF198D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*", matchCriteriaId: "13BACD7C-AC7E-4D86-8D9B-ABB614005D0C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*", matchCriteriaId: "4D4AC996-B340-4A14-86F7-FF83B4D5EC8F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB28F9AF-3D06-4532-B397-96D7E4792503", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.", }, { lang: "es", value: "En Ansible, se ha descubierto que las variables de inventario se cargan desde el directorio de trabajo actual cuando se ejecutan comandos ad-hoc bajo el control del atacante, lo que permite la ejecución de código arbitrario como resultado.", }, ], id: "CVE-2018-10874", lastModified: "2024-11-21T03:42:11.677", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-02T13:29:00.367", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041396", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874", }, { source: "secalert@redhat.com", url: "https://usn.ubuntu.com/4072-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/4072-1/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-426", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-09 16:15
Modified
2024-11-21 05:11
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "D55D4795-99E8-4097-B704-1CC2BAD67148", versionEndExcluding: "2.7.17", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "4AFE2A90-1844-4D9D-80B3-E60048D81695", versionEndExcluding: "2.8.9", versionStartIncluding: "2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "1561F609-E275-430B-B472-1B84F330FCA7", versionEndExcluding: "2.9.6", versionStartIncluding: "2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "C3C5721F-050A-42A3-A71D-6C6BA23D58FE", versionEndIncluding: "3.3.4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "F5C0F920-A505-452D-AFAA-AE6C20FB25EF", versionEndIncluding: "3.4.5", versionStartIncluding: "3.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "F2062F74-68D8-4E75-BC69-6038B519F823", versionEndIncluding: "3.5.5", versionStartIncluding: "3.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "342D4A63-0972-413B-BD65-0495DBF1CDFB", versionEndIncluding: "3.6.3", versionStartIncluding: "3.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", }, { lang: "es", value: "Se detectó un fallo en Ansible versiones 2.7.17 y anteriores, versiones 2.8.9 y anteriores, y versiones 2.9.6 y anteriores, cuando se usa la función Extract-Zip desde el módulo win_unzip ya que los archivos extraídos no son comprobados si pertenecen a la carpeta de destino. Un atacante podría tomar ventaja de este fallo al crear un archivo en cualquier parte del sistema de archivos, utilizando un salto de ruta. Este problema fue corregido en la versión 2.10.", }, ], id: "CVE-2020-1737", lastModified: "2024-11-21T05:11:16.650", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-09T16:15:12.407", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/ansible/ansible/issues/67795", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/202006-11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/ansible/ansible/issues/67795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202006-11", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-03 01:29
Modified
2024-11-21 03:42
Severity ?
Summary
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | 2.0 | |
| redhat | cloudforms | 4.6 | |
| redhat | openstack | 13 | |
| redhat | virtualization | 4.0 | |
| debian | debian_linux | 9.0 | |
| redhat | openstack | 10 | |
| redhat | openstack | 12 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "9B1CF308-19C7-4007-A72F-44F68C36B22A", versionEndExcluding: "2.4.5", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "725395D6-82FA-47E1-A88D-F25B576E4B91", versionEndIncluding: "2.5.5", versionStartExcluding: "2.5", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8989CD03-49A1-4831-BF98-9F21592788BE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*", matchCriteriaId: "67F7263F-113D-4BAE-B8CB-86A61531A2AC", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*", matchCriteriaId: "4D4AC996-B340-4A14-86F7-FF83B4D5EC8F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", }, { lang: "es", value: "Ansible, en versiones 2.5 anteriores a la 2.5.5 y 2.4 anteriores a la 2.4.5, no cumplen con la marca de tarea no_log para las tareas fallidas. Cuando se ha empleado la marca no_log para proteger datos sensibles que se pasan a una tarea desde que se registra y esa tarea no se ejecuta con éxito, Ansible mostrará datos sensibles en archivos de registro y en el terminal del usuario que ejecuta Ansible.", }, ], id: "CVE-2018-10855", lastModified: "2024-11-21T03:42:08.980", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-03T01:29:00.580", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1948", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1949", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2022", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2079", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2184", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1948", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4396", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-27 19:15
Modified
2024-11-21 04:55
Severity ?
Summary
A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1831089 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible/issues/34144 | Exploit, Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1831089 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible/issues/34144 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "EDFA8005-6FBE-4032-A499-608B7FA34F56", versionEndExcluding: "2.9.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", }, { lang: "es", value: "Se encontró un fallo en el uso de valores insuficientemente aleatorios en Ansible. Dos búsquedas de contraseñas aleatorias de la misma longitud generan el mismo valor que la acción de almacenamiento en caché de la plantilla para el mismo archivo, ya que no se realiza una reevaluación. La mayor amenaza de esta vulnerabilidad sería que todas las contraseñas estén expuestas a la vez para el archivo. Este fallo afecta a Ansible Engine versiones anteriores a 2.9.6", }, ], id: "CVE-2020-10729", lastModified: "2024-11-21T04:55:56.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-27T19:15:07.880", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/issues/34144", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/issues/34144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-330", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-330", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-22 12:15
Modified
2024-11-21 06:21
Severity ?
Summary
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_automation_platform | 1.2 | |
| redhat | ansible_engine | * | |
| redhat | ansible_tower | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_automation_platform:1.2:*:*:*:*:*:*:*", matchCriteriaId: "CBA4F8F3-6FC3-4ADD-BB96-A707E94AB0AB", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "C82C3E99-50BE-4FD7-B4A0-E9083DDA2181", versionEndExcluding: "2.9.23", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "6709FB79-8862-4A25-93D2-B08093D4FC7C", versionEndExcluding: "3.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", }, { lang: "es", value: "Se encontró una falla en Ansible, donde el controlador de un usuario es vulnerable a la inyección de plantillas. Este problema puede ocurrir mediante hechos usados en la plantilla si el usuario está tratando de poner plantillas en cadenas YAML de varias líneas y los hechos que se manejan no incluyen rutinariamente caracteres especiales de la plantilla. Este defecto permite a atacantes llevar a cabo una inyección de comandos, lo que divulga información confidencial. La mayor amenaza de esta vulnerabilidad es para la confidencialidad y la integridad", }, ], id: "CVE-2021-3583", lastModified: "2024-11-21T06:21:54.240", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-22T12:15:07.953", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1968412", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1968412", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-11-29 18:29
Modified
2024-11-21 03:53
Severity ?
4.2 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "E62BD2FE-C4AF-421A-8530-C85F90DF94C7", versionEndExcluding: "2.5.13", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "49547662-9D65-42DA-8478-797E21D28716", versionEndExcluding: "2.6.10", versionStartIncluding: "2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "06477DCA-01D0-424D-B85F-795804DF7E1A", versionEndExcluding: "2.7.4", versionStartIncluding: "2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "50F84E75-E5B1-4FE7-B89E-1EB5139B4293", versionEndIncluding: "2.8", versionStartIncluding: "2.7.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", }, { lang: "es", value: "Ejecucion de playbooks Ansible en plataformas Windows con PowerShell ScriptBlock logging y Module logging activados puede permitir que aparezcan contraseñas \"become\" en EventLogs en texto plano. Un usuario local con privilegios de administrador en la máquina puede visualizar estos registros y descubrir la contraseña en texto plano. Se cree que Ansible Engine en versiones 2.8 y anteriores es vulnerable.", }, ], id: "CVE-2018-16859", lastModified: "2024-11-21T03:53:27.863", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 0.6, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-11-29T18:29:00.537", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106004", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3770", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3771", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3772", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3773", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/49142", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106004", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3770", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3771", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3772", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3773", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/49142", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-03 19:15
Modified
2024-11-21 06:22
Severity ?
Summary
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_automation_platform_early_access | 2.0 | |
| redhat | ansible_engine | * | |
| redhat | openstack | 1 | |
| redhat | openstack | 16.1 | |
| redhat | virtualization | 4.0 | |
| redhat | virtualization_for_ibm_power_little_endian | 4.0 | |
| redhat | virtualization_host | 4.0 | |
| redhat | virtualization_manager | 4.4 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux_for_power_little_endian | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_automation_platform_early_access:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E3871C74-20C4-4212-AEF1-D792637A92B8", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "19A338B7-0C96-497E-AF9C-EA78F143CCBE", versionEndExcluding: "2.9.27", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:1:*:*:*:*:*:*:*", matchCriteriaId: "4B7FF772-FC99-435A-8D6F-6999656B9593", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*", matchCriteriaId: "C9D3F4FF-AD3D-4D17-93E8-84CAFCED2F59", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_for_ibm_power_little_endian:4.0:*:*:*:*:*:*:*", matchCriteriaId: "FDE26BBE-BD17-43B4-9C3F-B009F5AD0396", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB28F9AF-3D06-4532-B397-96D7E4792503", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.4:*:*:*:*:*:*:*", matchCriteriaId: "E0E1B0D8-7067-4FE7-A309-917AE4D59E7E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*", matchCriteriaId: "47811209-5CE5-4375-8391-B0A7F6A0E420", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.", }, { lang: "es", value: "Se ha encontrado un fallo en el módulo ansible-connection de Ansible Engine, en el que información confidencial, como las credenciales de usuario de Ansible, es revelado por defecto en el mensaje de error de rastreo. La mayor amenaza de esta vulnerabilidad es la confidencialidad", }, ], id: "CVE-2021-3620", lastModified: "2024-11-21T06:22:00.013", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-03T19:15:08.237", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975767", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-209", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-209", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-11 14:15
Modified
2024-11-21 04:55
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685 | Issue Tracking, Patch, Vendor Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible/pull/68433 | Patch, Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/202006-11 | Third Party Advisory | |
| secalert@redhat.com | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685 | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible/pull/68433 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202006-11 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| redhat | ceph_storage | 2.0 | |
| redhat | ceph_storage | 3.0 | |
| redhat | openstack | 10 | |
| redhat | openstack | 13 | |
| redhat | openstack | 15 | |
| redhat | storage | 3.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "8C0375B0-E0E4-4132-B985-2DB223E70D83", versionEndExcluding: "2.7.17", versionStartIncluding: "2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "8700FFBF-0D48-4633-AAB2-DB49729D92C6", versionEndExcluding: "2.8.11", versionStartIncluding: "2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "9CB17437-BAA5-41DF-B0EB-857441A81804", versionEndExcluding: "2.9.7", versionStartIncluding: "2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "80DB70EF-4BFD-43A3-83B9-8B92CF82FED4", versionEndIncluding: "3.4.5", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "F2062F74-68D8-4E75-BC69-6038B519F823", versionEndIncluding: "3.5.5", versionStartIncluding: "3.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "342D4A63-0972-413B-BD65-0495DBF1CDFB", versionEndIncluding: "3.6.3", versionStartIncluding: "3.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*", matchCriteriaId: "D07DF15E-FE6B-4DAF-99BB-2147CF7D7EEA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*", matchCriteriaId: "70108B60-8817-40B4-8412-796A592E4E5E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "379A5883-F6DF-41F5-9403-8D17F6605737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", }, { lang: "es", value: "Se detectó un fallo en Ansible Engine que afectaba a Ansible Engine versiones 2.7.x anteriores a 2.7.17 y versiones 2.8.x anteriores a 2.8.11 y versiones 2.9.x anteriores a 2.9.7, así como a Ansible Tower versiones anteriores e incluyendo a 3.4.5 y 3.5.5 y 3.6.3 cuando se usan módulos que descifran archivos del almacén tales como assemble, script, unarchive, win_copy, aws_s3 o módulos de copia. El directorio temporal que es creado en /tmp deja la s ts sin cifrar. En los sistemas operativos que /tmp no es un tmpfs sino parte de la partición root, el directorio solo es borrado en el arranque y el descifrado permanece cuando el host está apagado. El sistema será vulnerable cuando el sistema no se esté ejecutando. Por lo tanto, los datos descifrados necesitan ser borrados lo antes posible y los datos que normalmente están cifrados disponibles.", }, ], id: "CVE-2020-10685", lastModified: "2024-11-21T04:55:51.027", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-11T14:15:11.853", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/68433", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-11", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/68433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-459", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-459", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-13 22:29
Modified
2024-11-21 03:42
Severity ?
Summary
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | 2.0 | |
| redhat | ansible_engine | 2.4 | |
| redhat | ansible_engine | 2.5 | |
| redhat | ansible_engine | 2.6 | |
| redhat | ceph_storage | 2.0 | |
| redhat | ceph_storage | 3.0 | |
| redhat | gluster_storage | 3.0.0 | |
| redhat | openshift | 3.0 | |
| redhat | openstack | 10 | |
| redhat | openstack | 12 | |
| redhat | openstack | 13 | |
| redhat | virtualization | 4.0 | |
| redhat | virtualization_host | 4.0 | |
| debian | debian_linux | 9.0 | |
| suse | package_hub | - | |
| suse | suse_linux_enterprise_server | 12 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 | |
| debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8989CD03-49A1-4831-BF98-9F21592788BE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*", matchCriteriaId: "5864D753-2A37-4800-A73E-6ACA0662B605", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*", matchCriteriaId: "4C5A40D5-4DF7-43D9-962E-1529D2DF198D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*", matchCriteriaId: "13BACD7C-AC7E-4D86-8D9B-ABB614005D0C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*", matchCriteriaId: "D07DF15E-FE6B-4DAF-99BB-2147CF7D7EEA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:gluster_storage:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6E58427C-8EBB-4E51-B268-EC1AB34E81A7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "45690263-84D9-45A1-8C30-3ED2F0F11F47", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*", matchCriteriaId: "4D4AC996-B340-4A14-86F7-FF83B4D5EC8F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB28F9AF-3D06-4532-B397-96D7E4792503", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", matchCriteriaId: "284A8DA0-317B-4BBE-AECB-7E91BBF0DD3B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", matchCriteriaId: "9C649194-B8C2-49F7-A819-C635EE584ABF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", }, { lang: "es", value: "Se ha encontrado un error en ansible. ansible.cfg se lee desde el directorio de trabajo actual, que puede alterarse para hacer que señale a un plugin o una ruta de módulo bajo el control de un atacante, permitiendo que el atacante ejecute código arbitrario.", }, ], id: "CVE-2018-10875", lastModified: "2024-11-21T03:42:11.830", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-13T22:29:00.220", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041396", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4396", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-426", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-426", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-31 17:15
Modified
2024-11-21 04:27
Severity ?
Summary
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_tower | 3.0.0 | |
| redhat | ceph_storage | 3.0 | |
| redhat | cloudforms_management_engine | 5.0 | |
| redhat | openstack | 13 | |
| fedoraproject | fedora | 30 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "ADF59B59-9254-4341-BC7A-BF981BAEF192", versionEndExcluding: "2.7.16", versionStartIncluding: "2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "B727C825-657A-4922-BD90-0929ADCB9301", versionEndExcluding: "2.8.8", versionStartIncluding: "2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "B384E395-651E-45AE-BC49-850BBC85C115", versionEndExcluding: "2.9.3", versionStartIncluding: "2.9.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_tower:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "834EEDDD-5071-4D2E-A66E-4DC017A2C8D1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*", matchCriteriaId: "7098B44F-56BF-42E3-8831-48D0A8E99EE2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", matchCriteriaId: "40513095-7E6E-46B3-B604-C926F1BA3568", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", }, { lang: "es", value: "Se detectó una vulnerabilidad en Ansible Engine versiones 2.9.x anteriores a 2.9.3, versiones 2.8.x anteriores a 2.8.8, versiones 2.7.x anteriores a 2.7.16 y anteriores, donde en el módulo nxos_file_copy de Ansible puede ser usado para copiar archivos a una flash o bootflash en dispositivos NXOS. Un código malicioso podría diseñar el parámetro filename para llevar a cabo inyecciones de comandos de Sistema Operativo. Esto podría resultar en una pérdida de confidencialidad del sistema, entre otros problemas.", }, ], id: "CVE-2019-14905", lastModified: "2024-11-21T04:27:39.450", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.5, impactScore: 5.3, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 4.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-31T17:15:26.013", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0216", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0218", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BNCYPQ4BY5QHBCJOAOPANB5FHATW2BR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0218", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BNCYPQ4BY5QHBCJOAOPANB5FHATW2BR/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-73", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-668", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-23 13:15
Modified
2024-11-21 05:03
Severity ?
Summary
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1869154 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1869154 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4950 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | * | |
| redhat | ansible_tower | 3.0 | |
| redhat | ceph_storage | 2.0 | |
| redhat | ceph_storage | 3.0 | |
| redhat | openstack_platform | 10.0 | |
| redhat | openstack_platform | 13.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "128A8518-1B23-4263-8958-2A3813E70EAD", versionEndIncluding: "2.8.15", versionStartIncluding: "2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "2633DB82-E043-4132-9493-B4CBB25FAE82", versionEndIncluding: "2.9.13", versionStartIncluding: "2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "8EA99A5E-25E4-42A8-92D3-017734DA0AA7", versionEndIncluding: "3.6.5", versionStartIncluding: "3.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", matchCriteriaId: "DDE01259-A945-4567-AB95-8DAB087A686A", versionEndIncluding: "3.7.2", versionStartIncluding: "3.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B31C575C-06D2-4CAF-A5B7-B9469B3ED55F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*", matchCriteriaId: "D07DF15E-FE6B-4DAF-99BB-2147CF7D7EEA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:10.0:*:*:*:*:*:*:*", matchCriteriaId: "542B31BD-5767-4B33-9201-40548D1223B3", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*", matchCriteriaId: "C52600BF-9E87-4CD2-91F3-685AFE478C1E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.", }, { lang: "es", value: "Se encontró un fallo en Ansible Engine, en ansible-engine versiones 2.8.x anteriores a 2.8.15 y ansible-engine versiones 2.9.x anteriores a 2.9.13, Cuando se instalan paquetes usando el módulo dnf. Unas firmas GPG son ignoradas durante la instalación incluso cuando disable_gpg_check es establecida en False, que es el comportamiento predeterminado. Este fallo conlleva a que son instalados paquetes maliciosos en el sistema y son ejecutados códigos arbitrarios por medio de scripts de instalación de paquetes. La mayor amenaza de esta vulnerabilidad es la integridad y la disponibilidad del sistema", }, ], id: "CVE-2020-14365", lastModified: "2024-11-21T05:03:06.050", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.6, confidentialityImpact: "NONE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:N/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 9.2, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-23T13:15:15.470", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1869154", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1869154", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-347", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-03 15:29
Modified
2024-11-21 03:53
Severity ?
Summary
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible | * | |
| redhat | ansible | * | |
| redhat | ansible | * | |
| debian | debian_linux | 9.0 | |
| redhat | ansible_engine | 2.0 | |
| redhat | ansible_engine | 2.5 | |
| redhat | ansible_engine | 2.6 | |
| redhat | ansible_engine | 2.7 | |
| redhat | openstack | 14 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| suse | package_hub | - | |
| suse | linux_enterprise | 12.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*", matchCriteriaId: "EC90599B-B3DE-4F3C-809E-2AC639AB1C9D", versionEndExcluding: "2.5.14", versionStartIncluding: "2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*", matchCriteriaId: "C67708F3-8F2F-41B1-8226-1F4A93DE3BE9", versionEndExcluding: "2.6.11", versionStartIncluding: "2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*", matchCriteriaId: "C7BD2EA9-9D7E-4998-BF57-B44A5D428CDF", versionEndExcluding: "2.7.5", versionStartIncluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8989CD03-49A1-4831-BF98-9F21592788BE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*", matchCriteriaId: "4C5A40D5-4DF7-43D9-962E-1529D2DF198D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*", matchCriteriaId: "13BACD7C-AC7E-4D86-8D9B-ABB614005D0C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.7:*:*:*:*:*:*:*", matchCriteriaId: "9B2073BF-90F8-4B22-97C4-7D6D4E852E46", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*", matchCriteriaId: "EB7F358B-5E56-41AB-BB8A-23D3CB7A248B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", matchCriteriaId: "284A8DA0-317B-4BBE-AECB-7E91BBF0DD3B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", matchCriteriaId: "CBC8B78D-1131-4F21-919D-8AC79A410FB9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", }, { lang: "es", value: "ansible en versiones anteriores a las 2.5.14, 2.6.11 y 2.7.5 es vulnerable a un fallo de divulgación de información en el modo vvv+ con \"no_log\" habilitado, el cual podría provocar el filtrado de datos sensibles.", }, ], id: "CVE-2018-16876", lastModified: "2024-11-21T03:53:30.457", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.1, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-03T15:29:01.163", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106225", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3835", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3836", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3837", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3838", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0564", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0590", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/49569", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106225", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3835", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3836", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3838", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0590", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/49569", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4396", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-03-13 18:29
Modified
2024-11-21 04:12
Severity ?
Summary
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paramiko | paramiko | * | |
| paramiko | paramiko | * | |
| paramiko | paramiko | * | |
| paramiko | paramiko | * | |
| paramiko | paramiko | * | |
| paramiko | paramiko | * | |
| paramiko | paramiko | 2.4.0 | |
| redhat | ansible_engine | 2.0 | |
| redhat | ansible_engine | 2.4 | |
| redhat | cloudforms | 4.5 | |
| redhat | cloudforms | 4.6 | |
| redhat | virtualization | 4.1 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 6.4 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_aus | 6.6 | |
| redhat | enterprise_linux_server_eus | 6.7 | |
| redhat | enterprise_linux_server_tus | 6.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", matchCriteriaId: "5D1D3BB9-1426-4498-9BB4-A7F7696C7D18", versionEndExcluding: "1.17.6", vulnerable: true, }, { criteria: "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", matchCriteriaId: "8F645AC2-3A4F-47C7-9DFC-DEB25C467D21", versionEndExcluding: "1.18.5", versionStartIncluding: "1.18.0", vulnerable: true, }, { criteria: "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", matchCriteriaId: "1B500C82-6C71-4ED6-B334-E13DBFFA6F51", versionEndExcluding: "2.0.8", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", matchCriteriaId: "E90FB648-ABD2-4BDC-AD67-DD904595D967", versionEndExcluding: "2.1.5", versionStartIncluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", matchCriteriaId: "B2C6E9E8-AF99-4E7B-8EE4-646835D7AFE1", versionEndExcluding: "2.2.3", versionStartIncluding: "2.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", matchCriteriaId: "4E16324F-880D-44DF-8F01-EFAAA5358E81", versionEndExcluding: "2.3.2", versionStartIncluding: "2.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:paramiko:paramiko:2.4.0:*:*:*:*:*:*:*", matchCriteriaId: "CFD08D44-023B-4126-8D7F-E9ECFDA59A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8989CD03-49A1-4831-BF98-9F21592788BE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*", matchCriteriaId: "5864D753-2A37-4800-A73E-6ACA0662B605", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*", matchCriteriaId: "32E1BA91-4695-4E64-A9D7-4A6CB6904D41", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*", matchCriteriaId: "67F7263F-113D-4BAE-B8CB-86A61531A2AC", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*", matchCriteriaId: "03EB0F63-DB24-4240-BC44-C92BAE7EAF42", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "16E6D998-B41D-4B49-9E00-8336D2E40A4A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*", matchCriteriaId: "6C81647C-9A53-481D-A54C-36770A093F90", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "13E02156-E748-4820-B76F-7074793837E1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.", }, { lang: "es", value: "transport.py en la implementación del servidor SSH de Paramiko, en versiones anteriores a la 1.17.6; versiones 1.18.x anteriores a la 1.18.5; versiones 2.0.x anteriores a la 2.0.8; versiones 2.1.x anteriores a la 2.1.5; versiones 2.2.x anteriores a la 2.2.3; versiones 2.3.x anteriores a la 2.3.2 y versiones 2.4.x anteriores a la 2.4.1, no comprueba adecuadamente si la autenticación se ha completado antes de procesar otras peticiones, tal y como demuestra channel-open. Un cliente SSH personalizado puede simplemente omitir el paso de autenticación.", }, ], id: "CVE-2018-7750", lastModified: "2024-11-21T04:12:39.650", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-13T18:29:00.303", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103713", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:0591", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:0646", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1124", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1125", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1213", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1274", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1328", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1525", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1972", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/paramiko/paramiko/issues/1175", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3603-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3603-2/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/45712/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103713", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:0591", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:0646", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1124", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1125", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1274", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1525", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1972", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/paramiko/paramiko/issues/1175", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3603-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3603-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/45712/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-30 17:15
Modified
2024-11-21 04:55
Severity ?
5.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
5.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
5.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
Summary
An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691 | Issue Tracking, Mitigation, Vendor Advisory | |
| secalert@redhat.com | https://github.com/ansible/ansible/pull/68596 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691 | Issue Tracking, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ansible/ansible/pull/68596 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_engine | * | |
| redhat | ansible_tower | 3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "9CB17437-BAA5-41DF-B0EB-857441A81804", versionEndExcluding: "2.9.7", versionStartIncluding: "2.9.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B31C575C-06D2-4CAF-A5B7-B9469B3ED55F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", }, { lang: "es", value: "Se ha detectado un fallo de salto de archivo en todas las versiones de ansible-engine 2.9.x anteriores a 2.9.7, cuando se ejecuta una instalación de una colección ansible-galaxy. Al extraer un archivo .tar.gz de la colección, el directorio es creado sin sanear el nombre del archivo. Un atacante podría aprovechar para sobrescribir cualquier archivo dentro del sistema.", }, ], id: "CVE-2020-10691", lastModified: "2024-11-21T04:55:51.900", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2, impactScore: 2.7, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-30T17:15:11.957", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/68596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/pull/68596", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-19 13:29
Modified
2024-11-21 03:31
Severity ?
Summary
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | openshift_container_platform | 3.3 | |
| redhat | openshift_container_platform | 3.4 | |
| redhat | openshift_container_platform | 3.5 | |
| redhat | openstack | 10 | |
| redhat | openstack | 11 | |
| redhat | storage_console | 2.0 | |
| redhat | virtualization | 4.1 | |
| redhat | virtualization_manager | 4.1 | |
| redhat | gluster_storage | 3.2 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.3:*:*:*:*:*:*:*", matchCriteriaId: "EA3ADA26-2B9E-4ABA-A224-910BD75CCE00", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.4:*:*:*:*:*:*:*", matchCriteriaId: "67E80045-56E4-4A83-8168-CFED5E55CE45", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.5:*:*:*:*:*:*:*", matchCriteriaId: "E792B5DC-CCD2-4A50-B72F-860A3BFAF165", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*", matchCriteriaId: "4E9AF77C-5D49-4842-9817-AD710A919073", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:storage_console:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E916298F-E4F3-49FB-92DA-C92013188C44", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*", matchCriteriaId: "03EB0F63-DB24-4240-BC44-C92BAE7EAF42", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "AF786B57-02C3-48B7-B902-318356B3A3B6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:gluster_storage:3.2:*:*:*:*:*:*:*", matchCriteriaId: "518056FB-E049-45AF-876A-C1682118E29D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "5F675D17-E806-4C38-8A36-49032C25ECAF", versionEndExcluding: "2.3.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "3885EAB7-4ED7-493B-8124-A4434312C75B", versionEndExcluding: "2.4.0.0", versionStartIncluding: "2.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", }, { lang: "es", value: "Ansible en versiones anteriores a la 2.3.1.0 y 2.4.0.0 no marca correctamente los resultados del plugin lookup como no seguros. Si un atacante pudiese controlar los resultados de las llamadas lookup(), podrían inyectar cadenas Unicode para que sean analizadas por el sistema de plantillas jinja2, resultando en una ejecución de código. Por defecto, el lenguaje de plantillas jinja2 se marca ahora como \"no seguro\" y no se evalúa.", }, ], id: "CVE-2017-7481", lastModified: "2024-11-21T03:31:59.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-19T13:29:00.340", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98492", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98492", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
CVE-2020-1737 (GCVE-0-2020-1737)
Vulnerability from cvelistv5
Published
2020-03-09 15:11
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737 | x_refsource_CONFIRM | |
| https://github.com/ansible/ansible/issues/67795 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/ | vendor-advisory, x_refsource_FEDORA | |
| https://security.gentoo.org/glsa/202006-11 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:46:30.898Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/issues/67795", }, { name: "FEDORA-2020-a3f12bcff4", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/", }, { name: "FEDORA-2020-0cab7041f7", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/", }, { name: "FEDORA-2020-87f5e1e829", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/", }, { name: "GLSA-202006-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202006-11", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "2.7.17 and prior", }, { status: "affected", version: "2.8.9 and prior", }, { status: "affected", version: "2.9.6 and prior", }, { status: "affected", version: "fixed in 2.10", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-13T03:06:08", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/issues/67795", }, { name: "FEDORA-2020-a3f12bcff4", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/", }, { name: "FEDORA-2020-0cab7041f7", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/", }, { name: "FEDORA-2020-87f5e1e829", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/", }, { name: "GLSA-202006-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202006-11", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-1737", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "2.7.17 and prior", }, { version_value: "2.8.9 and prior", }, { version_value: "2.9.6 and prior", }, { version_value: "fixed in 2.10", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", }, ], }, impact: { cvss: [ [ { vectorString: "7.5/CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737", }, { name: "https://github.com/ansible/ansible/issues/67795", refsource: "MISC", url: "https://github.com/ansible/ansible/issues/67795", }, { name: "FEDORA-2020-a3f12bcff4", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/", }, { name: "FEDORA-2020-0cab7041f7", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/", }, { name: "FEDORA-2020-87f5e1e829", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/", }, { name: "GLSA-202006-11", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202006-11", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-1737", datePublished: "2020-03-09T15:11:38", dateReserved: "2019-11-27T00:00:00", dateUpdated: "2024-08-04T06:46:30.898Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-14332 (GCVE-0-2020-14332)
Vulnerability from cvelistv5
Published
2020-09-11 17:59
Modified
2024-08-04 12:39
Severity ?
EPSS score ?
Summary
A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/ansible/ansible/pull/71033 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332 | x_refsource_CONFIRM | |
| https://www.debian.org/security/2021/dsa-4950 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:39:36.318Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/pull/71033", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "2.9.12", }, { status: "affected", version: "2.8.14", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-117", description: "CWE-117", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-07T14:06:09", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/pull/71033", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-14332", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "2.9.12", }, { version_value: "2.8.14", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", }, ], }, impact: { cvss: [ [ { vectorString: "5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-117", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/ansible/ansible/pull/71033", refsource: "MISC", url: "https://github.com/ansible/ansible/pull/71033", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332", }, { name: "DSA-4950", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4950", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-14332", datePublished: "2020-09-11T17:59:30", dateReserved: "2020-06-17T00:00:00", dateUpdated: "2024-08-04T12:39:36.318Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-3583 (GCVE-0-2021-3583)
Vulnerability from cvelistv5
Published
2021-09-22 00:00
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:07.381Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1968412", }, { name: "[debian-lts-announce] 20231228 [SECURITY] [DLA 3695-1] ansible security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "n/a", versions: [ { status: "affected", version: "ansible_tower 3.7, ansible_engine 2.9.23", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20->CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T19:06:20.554219", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugzilla.redhat.com/show_bug.cgi?id=1968412", }, { name: "[debian-lts-announce] 20231228 [SECURITY] [DLA 3695-1] ansible security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3583", datePublished: "2021-09-22T00:00:00", dateReserved: "2021-06-07T00:00:00", dateUpdated: "2024-08-03T17:01:07.381Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-1746 (GCVE-0-2020-1746)
Vulnerability from cvelistv5
Published
2020-05-12 17:30
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746 | x_refsource_CONFIRM | |
| https://github.com/ansible/ansible/pull/67866 | x_refsource_CONFIRM | |
| https://www.debian.org/security/2021/dsa-4950 | vendor-advisory, x_refsource_DEBIAN |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:46:31.070Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ansible/ansible/pull/67866", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "ansible-engine versions 2.7.x before 2.7.17", }, { status: "affected", version: "ansible-engine versions 2.8.x before 2.8.11", }, { status: "affected", version: "ansible-engine versions 2.9.x before 2.9.7", }, { status: "affected", version: "Ansible Tower <= 3.4.5", }, { status: "affected", version: "Ansible Tower <= 3.5.5", }, { status: "affected", version: "Ansible Tower <= 3.6.3", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-07T14:06:11", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ansible/ansible/pull/67866", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-1746", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "ansible-engine versions 2.7.x before 2.7.17", }, { version_value: "ansible-engine versions 2.8.x before 2.8.11", }, { version_value: "ansible-engine versions 2.9.x before 2.9.7", }, { version_value: "Ansible Tower <= 3.4.5", }, { version_value: "Ansible Tower <= 3.5.5", }, { version_value: "Ansible Tower <= 3.6.3", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", }, ], }, impact: { cvss: [ [ { vectorString: "5.0/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746", }, { name: "https://github.com/ansible/ansible/pull/67866", refsource: "CONFIRM", url: "https://github.com/ansible/ansible/pull/67866", }, { name: "DSA-4950", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4950", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-1746", datePublished: "2020-05-12T17:30:47", dateReserved: "2019-11-27T00:00:00", dateUpdated: "2024-08-04T06:46:31.070Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-10685 (GCVE-0-2020-10685)
Vulnerability from cvelistv5
Published
2020-05-11 00:00
Modified
2024-08-04 11:06
Severity ?
EPSS score ?
Summary
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:06:10.628Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-202006-11", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202006-11", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685", }, { tags: [ "x_transferred", ], url: "https://github.com/ansible/ansible/pull/68433", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "ansible-engine versions 2.7.x before 2.7.17", }, { status: "affected", version: "ansible-engine 2.8.x before 2.8.11", }, { status: "affected", version: "ansible-engine 2.9.x before 2.9.7", }, { status: "affected", version: "Ansible Tower <= 3.4.5 ", }, { status: "affected", version: "Ansible Tower <= 3.5.5", }, { status: "affected", version: "Ansible Tower <= 3.6.3", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-459", description: "CWE-459", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-07T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "GLSA-202006-11", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202006-11", }, { name: "DSA-4950", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685", }, { url: "https://github.com/ansible/ansible/pull/68433", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-10685", datePublished: "2020-05-11T00:00:00", dateReserved: "2020-03-20T00:00:00", dateUpdated: "2024-08-04T11:06:10.628Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-10855 (GCVE-0-2018-10855)
Vulnerability from cvelistv5
Published
2018-07-02 18:00
Modified
2024-08-05 07:46
Severity ?
EPSS score ?
Summary
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:1949 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHBA-2018:3788 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:1948 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2184 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2022 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:0054 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2079 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2585 | vendor-advisory, x_refsource_REDHAT | |
| https://www.debian.org/security/2019/dsa-4396 | vendor-advisory, x_refsource_DEBIAN | |
| https://usn.ubuntu.com/4072-1/ | vendor-advisory, x_refsource_UBUNTU |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T07:46:47.397Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:1949", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1949", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855", }, { name: "RHBA-2018:3788", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { name: "RHSA-2018:1948", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1948", }, { name: "RHSA-2018:2184", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2184", }, { name: "RHSA-2018:2022", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2022", }, { name: "RHSA-2019:0054", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { name: "RHSA-2018:2079", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2079", }, { name: "RHSA-2018:2585", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { name: "DSA-4396", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4072-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "Ansible 2.4.5", }, { status: "affected", version: "Ansible 2.5.5", }, ], }, ], datePublic: "2018-06-11T00:00:00", descriptions: [ { lang: "en", value: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-07-25T01:06:04", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2018:1949", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1949", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855", }, { name: "RHBA-2018:3788", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { name: "RHSA-2018:1948", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1948", }, { name: "RHSA-2018:2184", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2184", }, { name: "RHSA-2018:2022", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2022", }, { name: "RHSA-2019:0054", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { name: "RHSA-2018:2079", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2079", }, { name: "RHSA-2018:2585", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { name: "DSA-4396", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4072-1/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-10855", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "Ansible 2.4.5", }, { version_value: "Ansible 2.5.5", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", }, ], }, impact: { cvss: [ [ { vectorString: "5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-532", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:1949", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1949", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855", }, { name: "RHBA-2018:3788", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { name: "RHSA-2018:1948", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1948", }, { name: "RHSA-2018:2184", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2184", }, { name: "RHSA-2018:2022", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2022", }, { name: "RHSA-2019:0054", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { name: "RHSA-2018:2079", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2079", }, { name: "RHSA-2018:2585", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { name: "DSA-4396", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "USN-4072-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4072-1/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-10855", datePublished: "2018-07-02T18:00:00", dateReserved: "2018-05-09T00:00:00", dateUpdated: "2024-08-05T07:46:47.397Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-16837 (GCVE-0-2018-16837)
Vulnerability from cvelistv5
Published
2018-10-23 15:00
Modified
2024-08-05 10:32
Severity ?
EPSS score ?
Summary
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:54.010Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:3460", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3460", }, { name: "105700", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105700", }, { name: "RHSA-2018:3462", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3462", }, { name: "RHSA-2018:3505", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3505", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837", }, { name: "RHSA-2018:3463", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3463", }, { name: "[debian-lts-announce] 20181112 [SECURITY] [DLA 1576-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html", }, { name: "RHSA-2018:3461", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3461", }, { name: "DSA-4396", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "openSUSE-SU-2019:1125", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "openSUSE-SU-2019:1858", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-23T00:00:00", descriptions: [ { lang: "en", value: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-214", description: "CWE-214", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-14T08:06:03", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2018:3460", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3460", }, { name: "105700", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105700", }, { name: "RHSA-2018:3462", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3462", }, { name: "RHSA-2018:3505", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3505", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837", }, { name: "RHSA-2018:3463", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3463", }, { name: "[debian-lts-announce] 20181112 [SECURITY] [DLA 1576-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html", }, { name: "RHSA-2018:3461", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3461", }, { name: "DSA-4396", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "openSUSE-SU-2019:1125", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "openSUSE-SU-2019:1858", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-16837", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", }, ], }, impact: { cvss: [ [ { vectorString: "7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-214", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:3460", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3460", }, { name: "105700", refsource: "BID", url: "http://www.securityfocus.com/bid/105700", }, { name: "RHSA-2018:3462", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3462", }, { name: "RHSA-2018:3505", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3505", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837", }, { name: "RHSA-2018:3463", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3463", }, { name: "[debian-lts-announce] 20181112 [SECURITY] [DLA 1576-1] ansible security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html", }, { name: "RHSA-2018:3461", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3461", }, { name: "DSA-4396", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "openSUSE-SU-2019:1125", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "USN-4072-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4072-1/", }, { name: "openSUSE-SU-2019:1858", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-16837", datePublished: "2018-10-23T15:00:00", dateReserved: "2018-09-11T00:00:00", dateUpdated: "2024-08-05T10:32:54.010Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-14365 (GCVE-0-2020-14365)
Vulnerability from cvelistv5
Published
2020-09-23 12:25
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1869154 | x_refsource_MISC | |
| https://www.debian.org/security/2021/dsa-4950 | vendor-advisory, x_refsource_DEBIAN |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:33.762Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1869154", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "n/a", versions: [ { status: "affected", version: "ansible-engine 2.8.15, ansible-engine 2.9.13", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "CWE-347", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-07T14:06:19", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1869154", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-14365", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "ansible-engine 2.8.15, ansible-engine 2.9.13", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-347", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1869154", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1869154", }, { name: "DSA-4950", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4950", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-14365", datePublished: "2020-09-23T12:25:47", dateReserved: "2020-06-17T00:00:00", dateUpdated: "2024-08-04T12:46:33.762Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-8647 (GCVE-0-2016-8647)
Vulnerability from cvelistv5
Published
2018-07-26 14:00
Modified
2024-08-06 02:27
Severity ?
EPSS score ?
Summary
An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:1685 | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/ansible/ansible-modules-core/pull/5388 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:27:41.291Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:1685", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1685", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ansible/ansible-modules-core/pull/5388", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "2.2.1.0", }, ], }, ], datePublic: "2016-10-26T00:00:00", descriptions: [ { lang: "en", value: "An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.2, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-27T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2017:1685", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1685", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ansible/ansible-modules-core/pull/5388", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-8647", datePublished: "2018-07-26T14:00:00", dateReserved: "2016-10-12T00:00:00", dateUpdated: "2024-08-06T02:27:41.291Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-1734 (GCVE-0-2020-1734)
Vulnerability from cvelistv5
Published
2020-03-03 21:23
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734 | x_refsource_CONFIRM | |
| https://github.com/ansible/ansible/issues/67792 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:46:30.815Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/issues/67792", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-03T21:23:15", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/issues/67792", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-1734", datePublished: "2020-03-03T21:23:15", dateReserved: "2019-11-27T00:00:00", dateUpdated: "2024-08-04T06:46:30.815Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-16876 (GCVE-0-2018-16876)
Vulnerability from cvelistv5
Published
2019-01-03 15:00
Modified
2024-08-05 10:32
Severity ?
EPSS score ?
Summary
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:54.241Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:3838", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3838", }, { name: "RHSA-2019:0564", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0564", }, { name: "106225", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106225", }, { name: "RHSA-2018:3836", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3836", }, { name: "RHSA-2018:3835", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3835", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/pull/49569", }, { name: "RHSA-2018:3837", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3837", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876", }, { name: "DSA-4396", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "RHSA-2019:0590", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0590", }, { name: "openSUSE-SU-2019:1125", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "openSUSE-SU-2019:1858", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "before 2.5.14", }, { status: "affected", version: "before 2.6.11", }, { status: "affected", version: "before 2.7.5", }, ], }, ], datePublic: "2019-01-03T00:00:00", descriptions: [ { lang: "en", value: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.1, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-14T08:06:03", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2018:3838", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3838", }, { name: "RHSA-2019:0564", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0564", }, { name: "106225", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106225", }, { name: "RHSA-2018:3836", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3836", }, { name: "RHSA-2018:3835", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3835", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/pull/49569", }, { name: "RHSA-2018:3837", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3837", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876", }, { name: "DSA-4396", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "RHSA-2019:0590", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0590", }, { name: "openSUSE-SU-2019:1125", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "openSUSE-SU-2019:1858", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-16876", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "before 2.5.14", }, { version_value: "before 2.6.11", }, { version_value: "before 2.7.5", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", }, ], }, impact: { cvss: [ [ { vectorString: "3.1/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:3838", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3838", }, { name: "RHSA-2019:0564", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0564", }, { name: "106225", refsource: "BID", url: "http://www.securityfocus.com/bid/106225", }, { name: "RHSA-2018:3836", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3836", }, { name: "RHSA-2018:3835", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3835", }, { name: "https://github.com/ansible/ansible/pull/49569", refsource: "MISC", url: "https://github.com/ansible/ansible/pull/49569", }, { name: "RHSA-2018:3837", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3837", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876", }, { name: "DSA-4396", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "RHSA-2019:0590", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0590", }, { name: "openSUSE-SU-2019:1125", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "USN-4072-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4072-1/", }, { name: "openSUSE-SU-2019:1858", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-16876", datePublished: "2019-01-03T15:00:00", dateReserved: "2018-09-11T00:00:00", dateUpdated: "2024-08-05T10:32:54.241Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-3620 (GCVE-0-2021-3620)
Vulnerability from cvelistv5
Published
2022-03-03 18:23
Modified
2025-02-13 16:28
Severity ?
EPSS score ?
Summary
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:07.670Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975767", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-3620", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T17:09:25.955830Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T17:13:51.591Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "ansible", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in Ansible Engine v2.9.27", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-209", description: "CWE-209 - Generation of Error Message Containing Sensitive Information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T19:06:30.310Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975767", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0", }, { url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3620", datePublished: "2022-03-03T18:23:38.000Z", dateReserved: "2021-06-24T00:00:00.000Z", dateUpdated: "2025-02-13T16:28:25.255Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-14846 (GCVE-0-2019-14846)
Vulnerability from cvelistv5
Published
2019-10-08 18:44
Modified
2024-08-05 00:26
Severity ?
EPSS score ?
Summary
In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:26:39.176Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ansible/ansible/pull/63366", }, { name: "RHSA-2019:3203", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { name: "RHSA-2019:3202", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { name: "RHSA-2019:3207", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { name: "RHSA-2019:3201", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { name: "RHSA-2020:0756", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { name: "openSUSE-SU-2020:0513", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { name: "[debian-lts-announce] 20200505 [SECURITY] [DLA 2202-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "all ansible_engine-2.x and ansible_engine-3.x up to ansible_engine-3.5", }, ], }, ], descriptions: [ { lang: "en", value: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-117", description: "CWE-117", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-07T14:06:36", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ansible/ansible/pull/63366", }, { name: "RHSA-2019:3203", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { name: "RHSA-2019:3202", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { name: "RHSA-2019:3207", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { name: "RHSA-2019:3201", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { name: "RHSA-2020:0756", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { name: "openSUSE-SU-2020:0513", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { name: "[debian-lts-announce] 20200505 [SECURITY] [DLA 2202-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-14846", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "all ansible_engine-2.x and ansible_engine-3.x up to ansible_engine-3.5", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", }, ], }, impact: { cvss: [ [ { vectorString: "7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-117", }, ], }, { description: [ { lang: "eng", value: "CWE-532", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846", }, { name: "https://github.com/ansible/ansible/pull/63366", refsource: "CONFIRM", url: "https://github.com/ansible/ansible/pull/63366", }, { name: "RHSA-2019:3203", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { name: "RHSA-2019:3202", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { name: "RHSA-2019:3207", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { name: "RHSA-2019:3201", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { name: "RHSA-2020:0756", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { name: "openSUSE-SU-2020:0513", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, { name: "[debian-lts-announce] 20200505 [SECURITY] [DLA 2202-1] ansible security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { name: "DSA-4950", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4950", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-14846", datePublished: "2019-10-08T18:44:09", dateReserved: "2019-08-10T00:00:00", dateUpdated: "2024-08-05T00:26:39.176Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-3532 (GCVE-0-2021-3532)
Vulnerability from cvelistv5
This CVE is marked as INVALID and not a bug
Show details on NVD website{ containers: { cna: { providerMetadata: { dateUpdated: "2024-01-15T16:44:44.547Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, rejectedReasons: [ { lang: "en", value: "This CVE is marked as INVALID and not a bug", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3532", datePublished: "2021-06-09T11:09:03", dateRejected: "2024-01-15T15:50:43.309Z", dateReserved: "2021-05-03T00:00:00", dateUpdated: "2024-01-15T16:44:44.547Z", state: "REJECTED", }, dataType: "CVE_RECORD", dataVersion: "5.0", }
CVE-2020-10729 (GCVE-0-2020-10729)
Vulnerability from cvelistv5
Published
2021-05-27 18:46
Modified
2024-08-04 11:14
Severity ?
EPSS score ?
Summary
A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1831089 | x_refsource_MISC | |
| https://github.com/ansible/ansible/issues/34144 | x_refsource_MISC | |
| https://www.debian.org/security/2021/dsa-4950 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:14:14.897Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/issues/34144", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "n/a", versions: [ { status: "affected", version: "ansible-engine 2.9.6", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-330", description: "CWE-330", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-07T14:06:30", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/issues/34144", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-10729", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "ansible-engine 2.9.6", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-330", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", }, { name: "https://github.com/ansible/ansible/issues/34144", refsource: "MISC", url: "https://github.com/ansible/ansible/issues/34144", }, { name: "DSA-4950", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4950", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-10729", datePublished: "2021-05-27T18:46:12", dateReserved: "2020-03-20T00:00:00", dateUpdated: "2024-08-04T11:14:14.897Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-10874 (GCVE-0-2018-10874)
Vulnerability from cvelistv5
Published
2018-07-02 13:00
Modified
2024-08-05 07:46
Severity ?
EPSS score ?
Summary
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:2166 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2152 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:2150 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1041396 | vdb-entry, x_refsource_SECTRACK | |
| https://access.redhat.com/errata/RHBA-2018:3788 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:0054 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2151 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2321 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2585 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/4072-1/ | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T07:46:47.224Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:2166", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { name: "RHSA-2018:2152", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874", }, { name: "RHSA-2018:2150", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { name: "1041396", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041396", }, { name: "RHBA-2018:3788", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { name: "RHSA-2019:0054", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { name: "RHSA-2018:2151", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { name: "RHSA-2018:2321", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { name: "RHSA-2018:2585", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4072-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-06-29T00:00:00", descriptions: [ { lang: "en", value: "In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-426", description: "CWE-426", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-07-25T01:06:05", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2018:2166", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { name: "RHSA-2018:2152", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874", }, { name: "RHSA-2018:2150", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { name: "1041396", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041396", }, { name: "RHBA-2018:3788", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { name: "RHSA-2019:0054", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { name: "RHSA-2018:2151", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { name: "RHSA-2018:2321", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { name: "RHSA-2018:2585", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4072-1/", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-10874", datePublished: "2018-07-02T13:00:00", dateReserved: "2018-05-09T00:00:00", dateUpdated: "2024-08-05T07:46:47.224Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-10691 (GCVE-0-2020-10691)
Vulnerability from cvelistv5
Published
2020-04-30 16:23
Modified
2024-08-04 11:06
Severity ?
EPSS score ?
Summary
An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691 | x_refsource_CONFIRM | |
| https://github.com/ansible/ansible/pull/68596 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:06:11.130Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ansible/ansible/pull/68596", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "all ansible-engine versions 2.9.x prior to 2.9.7", }, ], }, ], descriptions: [ { lang: "en", value: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-30T16:23:36", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ansible/ansible/pull/68596", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-10691", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "all ansible-engine versions 2.9.x prior to 2.9.7", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", }, ], }, impact: { cvss: [ [ { vectorString: "5.2/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691", }, { name: "https://github.com/ansible/ansible/pull/68596", refsource: "CONFIRM", url: "https://github.com/ansible/ansible/pull/68596", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-10691", datePublished: "2020-04-30T16:23:36", dateReserved: "2020-03-20T00:00:00", dateUpdated: "2024-08-04T11:06:11.130Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-7481 (GCVE-0-2017-7481)
Vulnerability from cvelistv5
Published
2018-07-19 13:00
Modified
2024-08-05 16:04
Severity ?
EPSS score ?
Summary
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:1599 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:1334 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/98492 | vdb-entry, x_refsource_BID | |
| https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:1244 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:1499 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:2524 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:1476 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/4072-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html | mailing-list, x_refsource_MLIST |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T16:04:11.540Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:1599", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { name: "RHSA-2017:1334", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { name: "98492", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98492", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { name: "RHSA-2017:1244", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { name: "RHSA-2017:1499", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { name: "RHSA-2017:2524", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { name: "RHSA-2017:1476", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "ansible 2.3.1.0", }, { status: "affected", version: "ansible 2.4.0.0", }, ], }, ], datePublic: "2017-05-09T00:00:00", descriptions: [ { lang: "en", value: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-27T23:06:14", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2017:1599", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { name: "RHSA-2017:1334", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { name: "98492", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98492", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { name: "RHSA-2017:1244", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { name: "RHSA-2017:1499", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { name: "RHSA-2017:2524", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { name: "RHSA-2017:1476", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2017-7481", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "ansible 2.3.1.0", }, { version_value: "ansible 2.4.0.0", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", }, ], }, impact: { cvss: [ [ { vectorString: "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:1599", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { name: "RHSA-2017:1334", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { name: "98492", refsource: "BID", url: "http://www.securityfocus.com/bid/98492", }, { name: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", refsource: "CONFIRM", url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { name: "RHSA-2017:1244", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { name: "RHSA-2017:1499", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { name: "RHSA-2017:2524", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { name: "RHSA-2017:1476", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { name: "USN-4072-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2017-7481", datePublished: "2018-07-19T13:00:00", dateReserved: "2017-04-05T00:00:00", dateUpdated: "2024-08-05T16:04:11.540Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-7750 (GCVE-0-2018-7750)
Vulnerability from cvelistv5
Published
2018-03-13 18:00
Modified
2024-08-05 06:37
Severity ?
EPSS score ?
Summary
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:37:58.928Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:1124", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1124", }, { name: "45712", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/45712/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/paramiko/paramiko/issues/1175", }, { name: "RHSA-2018:1125", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1125", }, { name: "RHSA-2018:1972", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1972", }, { name: "RHSA-2018:1274", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1274", }, { name: "[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html", }, { name: "USN-3603-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3603-2/", }, { name: "RHSA-2018:0646", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0646", }, { name: "RHSA-2018:1213", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1213", }, { name: "USN-3603-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3603-1/", }, { name: "RHSA-2018:1525", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1525", }, { name: "RHSA-2018:1328", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1328", }, { name: "RHSA-2018:0591", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0591", }, { name: "103713", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103713", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", }, { name: "[debian-lts-announce] 20211228 [SECURITY] [DLA 2860-1] paramiko security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-03-13T00:00:00", descriptions: [ { lang: "en", value: "transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-28T12:06:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2018:1124", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1124", }, { name: "45712", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/45712/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/paramiko/paramiko/issues/1175", }, { name: "RHSA-2018:1125", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1125", }, { name: "RHSA-2018:1972", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1972", }, { name: "RHSA-2018:1274", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1274", }, { name: "[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html", }, { name: "USN-3603-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3603-2/", }, { name: "RHSA-2018:0646", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0646", }, { name: "RHSA-2018:1213", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1213", }, { name: "USN-3603-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3603-1/", }, { name: "RHSA-2018:1525", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1525", }, { name: "RHSA-2018:1328", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1328", }, { name: "RHSA-2018:0591", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0591", }, { name: "103713", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103713", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", }, { name: "[debian-lts-announce] 20211228 [SECURITY] [DLA 2860-1] paramiko security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-7750", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:1124", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1124", }, { name: "45712", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/45712/", }, { name: "https://github.com/paramiko/paramiko/issues/1175", refsource: "CONFIRM", url: "https://github.com/paramiko/paramiko/issues/1175", }, { name: "RHSA-2018:1125", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1125", }, { name: "RHSA-2018:1972", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1972", }, { name: "RHSA-2018:1274", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1274", }, { name: "[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html", }, { name: "USN-3603-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3603-2/", }, { name: "RHSA-2018:0646", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0646", }, { name: "RHSA-2018:1213", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1213", }, { name: "USN-3603-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3603-1/", }, { name: "RHSA-2018:1525", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1525", }, { name: "RHSA-2018:1328", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1328", }, { name: "RHSA-2018:0591", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0591", }, { name: "103713", refsource: "BID", url: "http://www.securityfocus.com/bid/103713", }, { name: "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", refsource: "CONFIRM", url: "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", }, { name: "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", refsource: "CONFIRM", url: "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", }, { name: "[debian-lts-announce] 20211228 [SECURITY] [DLA 2860-1] paramiko security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-7750", datePublished: "2018-03-13T18:00:00", dateReserved: "2018-03-07T00:00:00", dateUpdated: "2024-08-05T06:37:58.928Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-14858 (GCVE-0-2019-14858)
Vulnerability from cvelistv5
Published
2019-10-14 14:36
Modified
2024-08-05 00:26
Severity ?
EPSS score ?
Summary
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2019:3203 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:3202 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:3207 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:3201 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2020:0756 | vendor-advisory, x_refsource_REDHAT | |
| http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html | vendor-advisory, x_refsource_SUSE |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:26:39.087Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858", }, { name: "RHSA-2019:3203", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { name: "RHSA-2019:3202", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { name: "RHSA-2019:3207", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { name: "RHSA-2019:3201", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { name: "RHSA-2020:0756", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { name: "openSUSE-SU-2020:0513", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "ansible_engine-2.x up to 2.8", }, { status: "affected", version: "ansible_tower-3.x up to 3.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-117", description: "CWE-117", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-16T08:06:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858", }, { name: "RHSA-2019:3203", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { name: "RHSA-2019:3202", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { name: "RHSA-2019:3207", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { name: "RHSA-2019:3201", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { name: "RHSA-2020:0756", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { name: "openSUSE-SU-2020:0513", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-14858", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "ansible_engine-2.x up to 2.8", }, { version_value: "ansible_tower-3.x up to 3.5", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", }, ], }, impact: { cvss: [ [ { vectorString: "7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-117", }, ], }, { description: [ { lang: "eng", value: "CWE-532", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858", }, { name: "RHSA-2019:3203", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3203", }, { name: "RHSA-2019:3202", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3202", }, { name: "RHSA-2019:3207", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3207", }, { name: "RHSA-2019:3201", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3201", }, { name: "RHSA-2020:0756", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0756", }, { name: "openSUSE-SU-2020:0513", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-14858", datePublished: "2019-10-14T14:36:50", dateReserved: "2019-08-10T00:00:00", dateUpdated: "2024-08-05T00:26:39.087Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-14330 (GCVE-0-2020-14330)
Vulnerability from cvelistv5
Published
2020-09-11 00:00
Modified
2024-08-04 12:39
Severity ?
EPSS score ?
Summary
An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:39:36.412Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/ansible/ansible/issues/68400", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "2.10.0", }, ], }, ], descriptions: [ { lang: "en", value: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-07T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://github.com/ansible/ansible/issues/68400", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330", }, { name: "DSA-4950", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-14330", datePublished: "2020-09-11T00:00:00", dateReserved: "2020-06-17T00:00:00", dateUpdated: "2024-08-04T12:39:36.412Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-16859 (GCVE-0-2018-16859)
Vulnerability from cvelistv5
Published
2018-11-29 17:00
Modified
2024-08-05 10:32
Severity ?
EPSS score ?
Summary
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/ansible/ansible/pull/49142 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:3770 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:3771 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/106004 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2018:3773 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:3772 | vendor-advisory, x_refsource_REDHAT | |
| http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:54.246Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ansible/ansible/pull/49142", }, { name: "RHSA-2018:3770", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3770", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859", }, { name: "RHSA-2018:3771", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3771", }, { name: "106004", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106004", }, { name: "RHSA-2018:3773", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3773", }, { name: "RHSA-2018:3772", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3772", }, { name: "openSUSE-SU-2019:1125", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "openSUSE-SU-2019:1858", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "2.8 and older", }, ], }, ], datePublic: "2018-11-16T00:00:00", descriptions: [ { lang: "en", value: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-14T08:06:03", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ansible/ansible/pull/49142", }, { name: "RHSA-2018:3770", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3770", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859", }, { name: "RHSA-2018:3771", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3771", }, { name: "106004", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106004", }, { name: "RHSA-2018:3773", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3773", }, { name: "RHSA-2018:3772", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3772", }, { name: "openSUSE-SU-2019:1125", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "openSUSE-SU-2019:1858", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-16859", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "2.8 and older", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", }, ], }, impact: { cvss: [ [ { vectorString: "4.2/CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-532", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/ansible/ansible/pull/49142", refsource: "CONFIRM", url: "https://github.com/ansible/ansible/pull/49142", }, { name: "RHSA-2018:3770", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3770", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859", }, { name: "RHSA-2018:3771", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3771", }, { name: "106004", refsource: "BID", url: "http://www.securityfocus.com/bid/106004", }, { name: "RHSA-2018:3773", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3773", }, { name: "RHSA-2018:3772", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3772", }, { name: "openSUSE-SU-2019:1125", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "openSUSE-SU-2019:1635", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html", }, { name: "openSUSE-SU-2019:1858", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-16859", datePublished: "2018-11-29T17:00:00", dateReserved: "2018-09-11T00:00:00", dateUpdated: "2024-08-05T10:32:54.246Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-20228 (GCVE-0-2021-20228)
Vulnerability from cvelistv5
Published
2021-04-29 15:34
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1925002 | x_refsource_MISC | |
| https://github.com/ansible/ansible/pull/73487 | x_refsource_MISC | |
| https://www.debian.org/security/2021/dsa-4950 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:30:07.863Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/pull/73487", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "n/a", versions: [ { status: "affected", version: "ansible-engine 2.9.18", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200->CWE-522", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-07T14:06:24", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/pull/73487", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2021-20228", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "ansible-engine 2.9.18", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200->CWE-522", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { name: "https://github.com/ansible/ansible/pull/73487", refsource: "MISC", url: "https://github.com/ansible/ansible/pull/73487", }, { name: "DSA-4950", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4950", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-20228", datePublished: "2021-04-29T15:34:08", dateReserved: "2020-12-17T00:00:00", dateUpdated: "2024-08-03T17:30:07.863Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-3533 (GCVE-0-2021-3533)
Vulnerability from cvelistv5
This vulnerability does not meet the criteria for a security vulnerability
Show details on NVD website{ containers: { cna: { providerMetadata: { dateUpdated: "2024-01-23T12:25:46.129Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, rejectedReasons: [ { lang: "en", value: "This vulnerability does not meet the criteria for a security vulnerability", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3533", datePublished: "2021-06-09T11:09:16", dateRejected: "2024-01-15T16:11:56.140Z", dateReserved: "2021-05-03T00:00:00", dateUpdated: "2024-01-23T12:25:46.129Z", state: "REJECTED", }, dataType: "CVE_RECORD", dataVersion: "5.0", }
CVE-2018-10875 (GCVE-0-2018-10875)
Vulnerability from cvelistv5
Published
2018-07-13 22:00
Modified
2024-08-05 07:46
Severity ?
EPSS score ?
Summary
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T07:46:47.518Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:2166", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { name: "RHSA-2018:2152", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { name: "RHSA-2018:2150", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { name: "1041396", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041396", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875", }, { name: "RHBA-2018:3788", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { name: "RHSA-2019:0054", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { name: "RHSA-2018:2151", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { name: "RHSA-2018:2321", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { name: "RHSA-2018:2585", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { name: "DSA-4396", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "openSUSE-SU-2019:1125", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20190916 [SECURITY] [DLA 1923-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-06-29T00:00:00", descriptions: [ { lang: "en", value: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-426", description: "CWE-426", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-16T14:06:20", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2018:2166", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { name: "RHSA-2018:2152", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { name: "RHSA-2018:2150", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { name: "1041396", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041396", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875", }, { name: "RHBA-2018:3788", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { name: "RHSA-2019:0054", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { name: "RHSA-2018:2151", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { name: "RHSA-2018:2321", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { name: "RHSA-2018:2585", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { name: "DSA-4396", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "openSUSE-SU-2019:1125", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20190916 [SECURITY] [DLA 1923-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-10875", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", }, ], }, impact: { cvss: [ [ { vectorString: "7.8/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-426", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:2166", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2166", }, { name: "RHSA-2018:2152", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2152", }, { name: "RHSA-2018:2150", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2150", }, { name: "1041396", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041396", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875", }, { name: "RHBA-2018:3788", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2018:3788", }, { name: "RHSA-2019:0054", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0054", }, { name: "RHSA-2018:2151", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2151", }, { name: "RHSA-2018:2321", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2321", }, { name: "RHSA-2018:2585", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2585", }, { name: "DSA-4396", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4396", }, { name: "openSUSE-SU-2019:1125", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html", }, { name: "USN-4072-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20190916 [SECURITY] [DLA 1923-1] ansible security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-10875", datePublished: "2018-07-13T22:00:00", dateReserved: "2018-05-09T00:00:00", dateUpdated: "2024-08-05T07:46:47.518Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-1753 (GCVE-0-2020-1753)
Vulnerability from cvelistv5
Published
2020-03-16 14:37
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753 | x_refsource_CONFIRM | |
| https://github.com/ansible-collections/kubernetes/pull/51 | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/ | vendor-advisory, x_refsource_FEDORA | |
| https://security.gentoo.org/glsa/202006-11 | vendor-advisory, x_refsource_GENTOO | |
| https://www.debian.org/security/2021/dsa-4950 | vendor-advisory, x_refsource_DEBIAN |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:46:30.868Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ansible-collections/kubernetes/pull/51", }, { name: "FEDORA-2020-1b6ce91e37", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/", }, { name: "FEDORA-2020-3990f03ba3", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/", }, { name: "FEDORA-2020-f80154b5b4", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/", }, { name: "GLSA-202006-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202006-11", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "all Ansible 2.7.x versions prior to 2.7.17", }, { status: "affected", version: "all Ansible 2.8.x versions prior to 2.8.11", }, { status: "affected", version: "all Ansible 2.9.x versions prior to 2.9.7", }, ], }, ], descriptions: [ { lang: "en", value: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-214", description: "CWE-214", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-07T14:06:13", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ansible-collections/kubernetes/pull/51", }, { name: "FEDORA-2020-1b6ce91e37", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/", }, { name: "FEDORA-2020-3990f03ba3", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/", }, { name: "FEDORA-2020-f80154b5b4", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/", }, { name: "GLSA-202006-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202006-11", }, { name: "DSA-4950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4950", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-1753", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "all Ansible 2.7.x versions prior to 2.7.17", }, { version_value: "all Ansible 2.8.x versions prior to 2.8.11", }, { version_value: "all Ansible 2.9.x versions prior to 2.9.7", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", }, ], }, impact: { cvss: [ [ { vectorString: "5/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, { description: [ { lang: "eng", value: "CWE-214", }, ], }, { description: [ { lang: "eng", value: "CWE-532", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753", }, { name: "https://github.com/ansible-collections/kubernetes/pull/51", refsource: "CONFIRM", url: "https://github.com/ansible-collections/kubernetes/pull/51", }, { name: "FEDORA-2020-1b6ce91e37", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/", }, { name: "FEDORA-2020-3990f03ba3", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/", }, { name: "FEDORA-2020-f80154b5b4", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/", }, { name: "GLSA-202006-11", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202006-11", }, { name: "DSA-4950", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4950", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-1753", datePublished: "2020-03-16T14:37:21", dateReserved: "2019-11-27T00:00:00", dateUpdated: "2024-08-04T06:46:30.868Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-14905 (GCVE-0-2019-14905)
Vulnerability from cvelistv5
Published
2020-03-31 16:20
Modified
2024-08-05 00:34
Severity ?
EPSS score ?
Summary
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2020:0218 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2020:0216 | vendor-advisory, x_refsource_REDHAT | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BNCYPQ4BY5QHBCJOAOPANB5FHATW2BR/ | vendor-advisory, x_refsource_FEDORA | |
| http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html | vendor-advisory, x_refsource_SUSE |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:34:52.317Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905", }, { name: "RHSA-2020:0218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0218", }, { name: "RHSA-2020:0216", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0216", }, { name: "FEDORA-2020-2bed89517f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BNCYPQ4BY5QHBCJOAOPANB5FHATW2BR/", }, { name: "openSUSE-SU-2020:0513", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "Red Hat", versions: [ { status: "affected", version: "2.9.x before 2.9.3", }, { status: "affected", version: "2.8.x before 2.8.8", }, { status: "affected", version: "2.7.x before 2.7.16", }, { status: "affected", version: "2.7.x and earlier", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-73", description: "CWE-73", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-16T08:06:04", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905", }, { name: "RHSA-2020:0218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0218", }, { name: "RHSA-2020:0216", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0216", }, { name: "FEDORA-2020-2bed89517f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BNCYPQ4BY5QHBCJOAOPANB5FHATW2BR/", }, { name: "openSUSE-SU-2020:0513", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-14905", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "2.9.x before 2.9.3", }, { version_value: "2.8.x before 2.8.8", }, { version_value: "2.7.x before 2.7.16", }, { version_value: "2.7.x and earlier", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", }, ], }, impact: { cvss: [ [ { vectorString: "7.3/CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, { description: [ { lang: "eng", value: "CWE-73", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905", }, { name: "RHSA-2020:0218", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0218", }, { name: "RHSA-2020:0216", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0216", }, { name: "FEDORA-2020-2bed89517f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BNCYPQ4BY5QHBCJOAOPANB5FHATW2BR/", }, { name: "openSUSE-SU-2020:0513", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html", }, { name: "openSUSE-SU-2020:0523", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-14905", datePublished: "2020-03-31T16:20:41", dateReserved: "2019-08-10T00:00:00", dateUpdated: "2024-08-05T00:34:52.317Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }