Skip to main content

Ansible CVE-2020-1740

MEDIUM
Insecure Temporary File (CWE-377)
2020-03-16 secalert@redhat.com
4.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.7 MEDIUM
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Mar 16, 2020 - 16:15 nvd
MEDIUM 4.7

DescriptionNVD

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.

AnalysisAI

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. Rated medium severity (CVSS 4.7). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-377. A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. Affected products include: Redhat Ansible, Redhat Ansible Tower, Redhat Cloudforms Management Engine, Redhat Openstack, Debian Debian Linux.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2019-10217 MEDIUM POC
6.5 Nov 25

A flaw was found in ansible 2.8.0 before 2.8.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploit

CVE-2017-7550 CRITICAL
9.8 Nov 21

A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkin

CVE-2021-33924 CRITICAL
9.8 Sep 29

Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect Access Control via its a

CVE-2020-1733 MEDIUM POC
5.0 Mar 11

A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a play

CVE-2014-3498 HIGH
8.8 Jun 08

The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands. Rated high seve

CVE-2020-1735 MEDIUM POC
4.6 Mar 16

A flaw was found in the Ansible Engine when the fetch module is used. Rated medium severity (CVSS 4.6), this vulnerabili

CVE-2015-6240 HIGH
7.8 Jun 07

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environme

CVE-2016-3096 HIGH
7.8 Jun 03

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local use

CVE-2023-5764 HIGH
7.8 Dec 12

A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the u

CVE-2022-3697 HIGH
7.5 Oct 28

A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2

CVE-2020-1736 LOW POC
3.3 Mar 16

A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified

CVE-2020-25636 HIGH
7.1 Oct 05

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file t

Share

CVE-2020-1740 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy