CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2020-14365 – ansible: dnf module install packages with no GPG signature
https://notcve.org/view.php?id=CVE-2020-14365
02 Sep 2020 — A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability. Se encontr... • https://bugzilla.redhat.com/show_bug.cgi?id=1869154 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14327 – Tower: SSRF: Server Side Request Forgery on Credential
https://notcve.org/view.php?id=CVE-2020-14327
05 Aug 2020 — A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to the connection to internal services or the exposure of additional internal services by abusing the test feature of lookup credentials to forge HTTP/HTTPS requests from the server and retrieving the results of the response. Se encontró un fallo de tipo Server-side request f... • https://bugzilla.redhat.com/show_bug.cgi?id=1856785 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14329 – Tower: Sensitive Data Exposure on Label
https://notcve.org/view.php?id=CVE-2020-14329
05 Aug 2020 — A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and also disclose organization names. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo de exposición de datos en Ansible Tower en versiones anteriores a 3.7.2, donde los datos confidenciales pueden estar expuestos desde el ... • https://bugzilla.redhat.com/show_bug.cgi?id=1856787 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14328 – Tower: SSRF: Server Side Request Forgery on webhooks
https://notcve.org/view.php?id=CVE-2020-14328
05 Aug 2020 — A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal services or exposing additional internal services and more particularly retrieving full details in case of error. The highest threat from this vulnerability is to data confidentiality. Se encontró un fallo en Ansible Tower en versiones anteriores a la 3.7.2. Puede ser abusado un fallo de tipo Server Side Reque... • https://bugzilla.redhat.com/show_bug.cgi?id=1856786 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14337 – Tower: Named URLs allow for testing the presence or absence of objects
https://notcve.org/view.php?id=CVE-2020-14337
31 Jul 2020 — A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. This flaw allows an unauthenticated, remote attacker to retrieve pages from the default organization and verify existing usernames. The highest threat from this vulnerability is to data confidentiality. Se encontró un fallo de exposición de datos en Tower, donde fueron revelados datos confidenciales de los códigos de error de retorno HTTP. Este fallo permite a un atacante no autenticado remoto recupe... • https://bugzilla.redhat.com/show_bug.cgi?id=1859139 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2020-10744
https://notcve.org/view.php?id=CVE-2020-10744
15 May 2020 — An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansible Tower 3.4.5, 3.5.6 and 3.6.4 as well as previous versions are affected. Se ha encontrado una corrección incompleta para la corrección del fallo de ansible CVE... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-377: Insecure Temporary File •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1746 – ansible: Information disclosure issue in ldap_attr and ldap_entry modules
https://notcve.org/view.php?id=CVE-2020-1746
22 Apr 2020 — A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality. Se detectó un fallo e... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.2EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10691 – Ansible: archive traversal vulnerability in ansible-galaxy collection install
https://notcve.org/view.php?id=CVE-2020-10691
22 Apr 2020 — An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system. Se ha detectado un fallo de salto de archivo en todas las versiones de ansible-engine 2.9.x anteriores a 2.9.7, cuando se ejecuta una instalación de una colección ansible-galaxy. Al extraer un archivo... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-10685 – Ansible: modules which use files encrypted with vault are not properly cleaned up
https://notcve.org/view.php?id=CVE-2020-10685
22 Apr 2020 — A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only clear... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685 • CWE-459: Incomplete Cleanup •
CVSS: 7.9EPSS: 0%CPEs: 12EXPL: 0CVE-2020-10684 – Ansible: code injection when using ansible_facts as a subkey
https://notcve.org/view.php?id=CVE-2020-10684
24 Mar 2020 — A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection. Se descubrió un fallo en Ansible Engine, todas las version... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10684 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-862: Missing Authorization •