CVE-2020-14365 – ansible: dnf module install packages with no GPG signature
https://notcve.org/view.php?id=CVE-2020-14365
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability. Se encontró un fallo en Ansible Engine, en ansible-engine versiones 2.8.x anteriores a 2.8.15 y ansible-engine versiones 2.9.x anteriores a 2.9.13, Cuando se instalan paquetes usando el módulo dnf. • https://bugzilla.redhat.com/show_bug.cgi?id=1869154 https://www.debian.org/security/2021/dsa-4950 https://access.redhat.com/security/cve/CVE-2020-14365 • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2020-14328 – Tower: SSRF: Server Side Request Forgery on webhooks
https://notcve.org/view.php?id=CVE-2020-14328
A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal services or exposing additional internal services and more particularly retrieving full details in case of error. The highest threat from this vulnerability is to data confidentiality. Se encontró un fallo en Ansible Tower en versiones anteriores a la 3.7.2. Puede ser abusado un fallo de tipo Server Side Request Forgery al suministrar una URL que podría conllevar a un servidor procesarse y conectarse a servicios internos o exponer servicios internos adicionales y, más particularmente, recuperar detalles completos en caso de error. • https://bugzilla.redhat.com/show_bug.cgi?id=1856786 https://access.redhat.com/security/cve/CVE-2020-14328 • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2020-14329 – Tower: Sensitive Data Exposure on Label
https://notcve.org/view.php?id=CVE-2020-14329
A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and also disclose organization names. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo de exposición de datos en Ansible Tower en versiones anteriores a 3.7.2, donde los datos confidenciales pueden estar expuestos desde el endpoint /api/v2/labels/. Este fallo permite a usuarios de otras organizaciones en el sistema recuperar cualquier etiqueta de la organización y también divulgar los nombres de las organizaciones. • https://bugzilla.redhat.com/show_bug.cgi?id=1856787 https://access.redhat.com/security/cve/CVE-2020-14329 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2020-14327 – Tower: SSRF: Server Side Request Forgery on Credential
https://notcve.org/view.php?id=CVE-2020-14327
A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to the connection to internal services or the exposure of additional internal services by abusing the test feature of lookup credentials to forge HTTP/HTTPS requests from the server and retrieving the results of the response. Se encontró un fallo de tipo Server-side request forgery (SSRF) en Ansible Tower en versiones anteriores a 3.6.5 y anteriores a 3.7.2. Es abusada de la funcionalidad en el servidor Tower al proporcionar una URL que podría conllevar al servidor a procesarla. • https://bugzilla.redhat.com/show_bug.cgi?id=1856785 https://access.redhat.com/security/cve/CVE-2020-14327 • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2020-14337 – Tower: Named URLs allow for testing the presence or absence of objects
https://notcve.org/view.php?id=CVE-2020-14337
A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. This flaw allows an unauthenticated, remote attacker to retrieve pages from the default organization and verify existing usernames. The highest threat from this vulnerability is to data confidentiality. Se encontró un fallo de exposición de datos en Tower, donde fueron revelados datos confidenciales de los códigos de error de retorno HTTP. Este fallo permite a un atacante no autenticado remoto recuperar páginas de la organización predeterminada y comprobar los nombres de usuario presentes. • https://bugzilla.redhat.com/show_bug.cgi?id=1859139 https://access.redhat.com/security/cve/CVE-2020-14337 • CWE-209: Generation of Error Message Containing Sensitive Information •