Skip to main content

Ansible Engine CVE-2020-10685

MEDIUM
Incomplete Cleanup (CWE-459)
2020-05-11 secalert@redhat.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
May 11, 2020 - 14:15 nvd
MEDIUM 5.5

DescriptionNVD

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.

AnalysisAI

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-459. A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble. Affected products include: Redhat Ansible Engine, Redhat Ansible Tower, Redhat Ceph Storage, Redhat Openstack, Redhat Storage. Version information: before 2.7.17.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-7750 CRITICAL POC
9.8 Mar 13

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x

CVE-2020-14330 MEDIUM POC
5.5 Sep 11

An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is

CVE-2020-1753 MEDIUM POC
5.5 Mar 16

A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prio

CVE-2020-1737 HIGH
7.8 Mar 09

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function f

CVE-2019-14846 HIGH
7.8 Oct 08

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were l

CVE-2018-16837 HIGH
7.8 Oct 23

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. Rated high severity (CVSS 7.8), th

CVE-2018-10875 HIGH
7.8 Jul 13

A flaw was found in ansible. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patc

CVE-2018-10874 HIGH
7.8 Jul 02

In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command w

CVE-2021-20228 HIGH
7.5 Apr 29

A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the

CVE-2020-1734 HIGH
7.4 Mar 03

A flaw was found in the pipe lookup plugin of ansible. Rated high severity (CVSS 7.4). No vendor patch available.

CVE-2021-3583 HIGH
7.1 Sep 22

A flaw was found in Ansible, where a user's controller is vulnerable to template injection. Rated high severity (CVSS 7.

CVE-2020-14365 HIGH
7.1 Sep 23

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, wh

Share

CVE-2020-10685 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy