Ansible
CVE-2020-10684
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.
AnalysisAI
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Code Injection (CWE-94), which allows attackers to inject and execute arbitrary code within the application. A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection. Affected products include: Redhat Ansible, Redhat Ansible Tower, Redhat Openstack, Debian Debian Linux, Fedoraproject Fedora. Version information: prior to 2.7.17.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Never evaluate user-controlled input as code. Use sandboxing, disable dangerous functions, apply strict input validation.
A flaw was found in ansible 2.8.0 before 2.8.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploit
A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkin
Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect Access Control via its a
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a play
The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands. Rated high seve
A flaw was found in the Ansible Engine when the fetch module is used. Rated medium severity (CVSS 4.6), this vulnerabili
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environme
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local use
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the u
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified
A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file t
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today