
CVSS: 6.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creation and deletion of a temporary directory, substitute their directory at that name, and then have access to ansible-runner's private_data_dir the next time ansible-runner made use of the private_data_dir. The highest threat from this flaw is to integrity and confidentiality.

• https://access.redhat.com/security/cve/CVE-2021-3702 https://bugzilla.redhat.com/show_bug.cgi?id=1977965 https://github.com/ansible/ansible-runner/pull/742/commits
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSS: 6.6 | EPSS: 0% | CPEs: 1 | EXPL: 0

A flaw was found in ansible-runner where temporary files under the default configuration in ansible-2.0.0 are written to world-readable and world-writable (R/W) locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate user in a place they did not expect. The highest threat from this vulnerability is to confidentiality and integrity.

• https://access.redhat.com/security/cve/CVE-2021-3701 https://bugzilla.redhat.com/show_bug.cgi?id=1977959 https://github.com/ansible/ansible-runner/issues/738 https://github.com/ansible/ansible-runner/pull/742/commits
• CWE-276: Incorrect Default Permissions

CVSS: 7.2 | EPSS: 0% | CPEs: 6 | EXPL: 1

A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with 'change user' permissions to modify the account settings of the superuser account and also remove the superuser privileges.

• https://bugzilla.redhat.com/show_bug.cgi?id=2108653 https://access.redhat.com/security/cve/CVE-2022-2568
• CWE-269: Improper Privilege Management

CVSS: 5.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in the repository directory that are not explicitly excluded via the ``build_ignore`` list in "galaxy.yml" are included in the ``.tar.gz`` file. This contains sensitive info, such as the user's Ansible Galaxy API key and any secrets in ``ansible`` or ``ansible-playbook`` verbose output without the ``no_log`` redaction. Currently, there is no way to deprecate a Collection or delete a Collection Version. Once published, anyone who downloads or installs the collection can view the secrets.

• https://bugzilla.redhat.com/show_bug.cgi?id=1989407 https://github.com/ansible/galaxy/issues/1977
• CWE-522: Insufficiently Protected Credentials

CVSS: 8.0 | EPSS: 0% | CPEs: 2 | EXPL: 0

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

• https://access.redhat.com/security/cve/CVE-2021-3589 https://bugzilla.redhat.com/show_bug.cgi?id=1969265
• CWE-306: Missing Authentication for Critical Function