GSD-2023-5764
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-5764",
"id": "GSD-2023-5764"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-5764"
],
"details": "A template injection flaw was found in Ansible where a user\u0027s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.",
"id": "GSD-2023-5764",
"modified": "2023-12-13T01:20:50.796904Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2023-5764",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el8ap",
"versionType": "rpm"
}
]
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el8ap",
"versionType": "rpm"
}
]
}
}
]
}
},
{
"product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el9ap",
"versionType": "rpm"
}
]
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el9ap",
"versionType": "rpm"
}
]
}
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A template injection flaw was found in Ansible where a user\u0027s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-1336",
"lang": "eng",
"value": "Improper Neutralization of Special Elements Used in a Template Engine"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/errata/RHSA-2023:7773",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2023:7773"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2023-5764",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2023-5764"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2247629",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247629"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5995DC14-0DBB-4784-B57D-21F850D4CE63",
"versionEndExcluding": "2.14.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4212FD6E-7D15-403C-9B4B-48F348F18501",
"versionEndExcluding": "2.15.7",
"versionStartIncluding": "2.15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ansible:2.16.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D717EC3B-C9C9-49C5-B64B-58A46A6A99B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ansible:2.16.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B01E3989-78A3-4CD3-9F6B-CD5AF3559365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ansible:2.16.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D109D9B1-B465-4708-BC0C-134AF8D81BB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ansible:2.16.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "90BA6AD3-1627-46DA-9972-96A567EC17A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB176AC3-3CDA-4DDA-9089-C67B2F73AA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:ansible_automation_platform:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05986E3C-7E5B-45C1-81B0-9D856A8FF1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ansible_developer:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE40363-D286-4EB7-80D2-17CF3B606AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ansible_inside:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "897AB7AC-52B1-4335-97D5-D5EA2FF09CC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "A template injection flaw was found in Ansible where a user\u0027s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla de inyecci\u00f3n de plantilla en Ansible donde las operaciones de creaci\u00f3n de plantillas internas del controlador de un usuario pueden eliminar la designaci\u00f3n insegura de los datos de la plantilla. Este problema podr\u00eda permitir que un atacante utilice un archivo especialmente manipulado para introducir la inyecci\u00f3n de c\u00f3digo al proporcionar datos de plantillas."
}
],
"id": "CVE-2023-5764",
"lastModified": "2024-04-25T16:15:08.903",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2023-12-12T22:15:22.747",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7773"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5764"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247629"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1336"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…