Skip to main content

Ansible Engine CVE-2020-1737

HIGH
Path Traversal (CWE-22)
2020-03-09 secalert@redhat.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 09, 2020 - 16:15 nvd
HIGH 7.8

DescriptionNVD

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.

AnalysisAI

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10. Affected products include: Redhat Ansible Engine, Redhat Ansible Tower.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.

CVE-2018-7750 CRITICAL POC
9.8 Mar 13

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x

CVE-2020-14330 MEDIUM POC
5.5 Sep 11

An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is

CVE-2020-1753 MEDIUM POC
5.5 Mar 16

A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prio

CVE-2019-14846 HIGH
7.8 Oct 08

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were l

CVE-2018-16837 HIGH
7.8 Oct 23

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. Rated high severity (CVSS 7.8), th

CVE-2018-10875 HIGH
7.8 Jul 13

A flaw was found in ansible. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patc

CVE-2018-10874 HIGH
7.8 Jul 02

In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command w

CVE-2021-20228 HIGH
7.5 Apr 29

A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the

CVE-2020-1734 HIGH
7.4 Mar 03

A flaw was found in the pipe lookup plugin of ansible. Rated high severity (CVSS 7.4). No vendor patch available.

CVE-2021-3583 HIGH
7.1 Sep 22

A flaw was found in Ansible, where a user's controller is vulnerable to template injection. Rated high severity (CVSS 7.

CVE-2020-14365 HIGH
7.1 Sep 23

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, wh

CVE-2018-10855 MEDIUM
5.9 Jul 03

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. Rated medium sev

Share

CVE-2020-1737 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy