CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-7466 – ansible: Arbitrary code execution on control node (incomplete fix for CVE-2016-9587)
https://notcve.org/view.php?id=CVE-2017-7466
18 May 2017 — Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges. Ansible en versiones anteriores a la 2.3 tiene una vulnerabilidad de validación de entradas en la gestión de datos enviados desde los sistemas del cliente. Un ata... • http://www.securityfocus.com/bid/97595 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 3EXPL: 2CVE-2016-9587 – Ansible 2.1.4/2.2.1 - Command Execution
https://notcve.org/view.php?id=CVE-2016-9587
12 Jan 2017 — Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges. Ansible, en versiones anteriores a la 2.1.4 y la 2.2.1, es vulnerable a una validación de entradas incorrecta en la gestión de Ansible de da... • https://packetstorm.news/files/id/140466 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8628 – ansible: Command injection by compromised server via fact variables
https://notcve.org/view.php?id=CVE-2016-8628
16 Nov 2016 — Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as. Ansible en versiones anteriores a la 2.2.0 no sanea correctamente las variables de hecho enviadas desde el controlador de Ansible. Un atacante que pueda crear variables especiales en el controlador podría ejecutar comandos arbitrarios en los clientes ... • http://www.securityfocus.com/bid/94109 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-3096 – Gentoo Linux Security Advisory 201607-14
https://notcve.org/view.php?id=CVE-2016-3096
03 Jun 2016 — The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory. La función create_script en el módulo lxc_container en Ansible en versiones anteriores a 1.9.6-1 y 2.x en versiones anteriores a 2.0.2.... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183103.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3908
https://notcve.org/view.php?id=CVE-2015-3908
12 Aug 2015 — Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Vulnerabilidad en Ansible en versiones anteriores a 1.9.2, no verifica que el hostname del servidor coincida con un nombre de dominio en el Common Name (CN) del sujeto o el campo subjectAltName del certificado X.509, lo que permite a atacantes ma... • http://lists.opensuse.org/opensuse-updates/2015-07/msg00051.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0CVE-2014-4657 – Gentoo Linux Security Advisory 201411-09
https://notcve.org/view.php?id=CVE-2014-4657
24 Nov 2014 — The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. La función safe_eval en Ansible versiones anteriores a 1.5.4, no restringe apropiadamente el subconjunto de código, lo que permite a atacantes remotos ejecutar código arbitrario por medio de instrucciones diseñadas. Multiple vulnerabilities have been found in Ansible which may allow local privilege escalation. Versions less than 1.6.8 ar... • https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 20%CPEs: 4EXPL: 0CVE-2014-4678 – Gentoo Linux Security Advisory 201411-09
https://notcve.org/view.php?id=CVE-2014-4678
24 Nov 2014 — The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657. La función safe_eval en Ansible versiones anteriores a 1.6.4, no restringe apropiadamente el subconjunto de códigos, lo que permite a atacantes remotos ejecutar código arbitrario por medio de instrucciones diseñadas. NOTA: esta vulnerabilidad se presenta debi... • https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-4967 – Gentoo Linux Security Advisory 201411-09
https://notcve.org/view.php?id=CVE-2014-4967
22 Jul 2014 — Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing " src=" clause, (2) a trailing " temp=" clause, or (3) a trailing " validate=" clause accompanied by a shell command. Múltiples vulnerabilidades de inyección de argumentos en Ansible versiones anteriores a 1.6.7, permiten a atacantes remotos ejecutar código arbitrario al... • http://www.ocert.org/advisories/ocert-2014-004.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2014-4966 – Gentoo Linux Security Advisory 201411-09
https://notcve.org/view.php?id=CVE-2014-4966
22 Jul 2014 — Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. Ansible versiones anteriores a 1.6.7, no impide los datos de inventario con las subcadenas "{{" y "lookup", y no impide los datos remotos con las subcadenas "{{", lo que permite a atacantes remotos ejecutar código arbitrario por medio de (1) llamad... • http://www.ocert.org/advisories/ocert-2014-004.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4260
https://notcve.org/view.php?id=CVE-2013-4260
16 Sep 2013 — lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/. lib/ansible/playbook/__init__.py en Ansible 1.2.x (anteriores a 1.2.3), cuando playbook no funciona debido a un error, permite a usuarios locales sobreescribir archivos a discrección a través de un ataque symlink en un archivo de reintento con un nombre predecible en /var/... • http://www.ansible.com/security • CWE-264: Permissions, Privileges, and Access Controls •