CVE-2018-1104
ansible-tower: Remote code execution by users with access to define variables in job templates
Severity Score
8.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Ansible Tower through version 3.2.3 has a vulnerability that allows users only with access to define variables for a job template to execute arbitrary code on the Tower server.
Ansible Tower hasta la versión 3.2.3 tiene una vulnerabilidad que permite que usuarios que solo tienen acceso para definir variables para una plantilla de trabajo ejecuten código arbitrario en el servidor Tower.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-12-04 CVE Reserved
- 2018-05-02 CVE Published
- 2024-04-06 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (6)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:1328 | 2019-10-09 | |
| https://access.redhat.com/errata/RHSA-2018:1972 | 2019-10-09 | |
| https://access.redhat.com/security/cve/cve-2018-1104 | 2019-10-09 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1565862 | 2018-06-25 | |
| https://www.ansible.com/security | 2019-10-09 | |
| https://access.redhat.com/security/cve/CVE-2018-1104 | 2018-06-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Ansible Tower Search vendor "Redhat" for product "Ansible Tower" | <= 3.2.3 Search vendor "Redhat" for product "Ansible Tower" and version " <= 3.2.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Cloudforms Search vendor "Redhat" for product "Cloudforms" | 4.5 Search vendor "Redhat" for product "Cloudforms" and version "4.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Cloudforms Search vendor "Redhat" for product "Cloudforms" | 4.6 Search vendor "Redhat" for product "Cloudforms" and version "4.6" | - |
Affected
| ||||||