CVSS: 3.9EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1739 – ansible: svn module leaks password when specified as a parameter
https://notcve.org/view.php?id=CVE-2020-1739
A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs. Se detectó un fallo en Ansible versiones 2.7.16 y anteriores, versiones 2.8.8 y anteriores y versiones 2.9.5 y anteriores, cuando es establecida una contraseña con el argumento "password" del módulo svn, es usado en la línea de comandos svn, revelando a otros usuarios dentro del mismo nodo. Un atacante podría tomar ventaja de ello mediante una lectura del archivo cmdline de ese PID en particular en los procfs. A flaw was found in Ansible Engine. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739 https://github.com/ansible/ansible/issues/67797 https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPL • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 1CVE-2020-1733 – ansible: insecure temporary directory when running become_user from become directive
https://notcve.org/view.php?id=CVE-2020-1733
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask 77 && mkdir -p <dir>"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'. Se encontró un fallo de condición de carrera en Ansible Engine versiones 2.7.17 y anteriores, 2.8.9 y anteriores, 2.9.6 y anteriores, cuando se ejecuta un playbook con un usuario convertido a no privilegiado. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733 https://github.com/ansible/ansible/issues/67791 https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJK • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-377: Insecure Temporary File •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-14894 – CloudForms: RCE vulnerability in NFS schedule backup
https://notcve.org/view.php?id=CVE-2019-14894
A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms server as root. Se encontró un fallo en el motor de administración de CloudForms versión 5.10 y la administración de CloudForms versión 5.11, que desencadenó una ejecución de código remota por medio de la copia de seguridad de la programación NFS. Un atacante que haya iniciado sesión en la consola de administración podría usar este fallo para ejecutar comandos de shell arbitrarios en el servidor de CloudForms como root A flaw was found in the CloudForms management engine, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms server as root. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14894 https://access.redhat.com/security/cve/CVE-2019-14894 https://bugzilla.redhat.com/show_bug.cgi?id=1769411 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.3EPSS: 0%CPEs: 10EXPL: 0CVE-2019-14905 – Ansible: malicious code could craft filename in nxos_file_copy module
https://notcve.org/view.php?id=CVE-2019-14905
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues. Se detectó una vulnerabilidad en Ansible Engine versiones 2.9.x anteriores a 2.9.3, versiones 2.8.x anteriores a 2.8.8, versiones 2.7.x anteriores a 2.7.16 y anteriores, donde en el módulo nxos_file_copy de Ansible puede ser usado para copiar archivos a una flash o bootflash en dispositivos NXOS. Un código malicioso podría diseñar el parámetro filename para llevar a cabo inyecciones de comandos de Sistema Operativo. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html https://access.redhat.com/errata/RHSA-2020:0216 https://access.redhat.com/errata/RHSA-2020:0218 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BNCYPQ4BY5QHBCJOAOPANB5FHATW2BR https://access.redhat.com/security/cve/CVE-2019-14905 https://bugzilla.red • CWE-20: Improper Input Validation CWE-73: External Control of File Name or Path CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3536
https://notcve.org/view.php?id=CVE-2014-3536
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration CFME (CloudForms Management Engine) versión 5: la información de la cuenta RHN es registrada en el archivo top_output.log durante el registro. • https://access.redhat.com/security/cve/cve-2014-3536 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3536 • CWE-532: Insertion of Sensitive Information into Log File •