CVE-2020-14365

ansible: dnf module install packages with no GPG signature

Severity Score

7.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.

Se encontró un fallo en Ansible Engine, en ansible-engine versiones 2.8.x anteriores a 2.8.15 y ansible-engine versiones 2.9.x anteriores a 2.9.13, Cuando se instalan paquetes usando el módulo dnf. Unas firmas GPG son ignoradas durante la instalación incluso cuando disable_gpg_check es establecida en False, que es el comportamiento predeterminado. Este fallo conlleva a que son instalados paquetes maliciosos en el sistema y son ejecutados códigos arbitrarios por medio de scripts de instalación de paquetes. La mayor amenaza de esta vulnerabilidad es la integridad y la disponibilidad del sistema

A flaw was found in the Ansible Engine when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-06-17 CVE Reserved
2020-09-02 CVE Published
2023-03-08 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-347: Improper Verification of Cryptographic Signature

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://bugzilla.redhat.com/show_bug.cgi?id=1869154	2020-09-01
https://www.debian.org/security/2021/dsa-4950	2022-04-05
https://access.redhat.com/security/cve/CVE-2020-14365	2020-09-01

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Ansible Engine Search vendor "Redhat" for product "Ansible Engine"				>= 2.8.0 <= 2.8.15 Search vendor "Redhat" for product "Ansible Engine" and version " >= 2.8.0 <= 2.8.15"		-		Affected
Redhat Search vendor "Redhat"		Ansible Engine Search vendor "Redhat" for product "Ansible Engine"				>= 2.9.0 <= 2.9.13 Search vendor "Redhat" for product "Ansible Engine" and version " >= 2.9.0 <= 2.9.13"		-		Affected
Redhat Search vendor "Redhat"		Ansible Tower Search vendor "Redhat" for product "Ansible Tower"				>= 3.6.0 <= 3.6.5 Search vendor "Redhat" for product "Ansible Tower" and version " >= 3.6.0 <= 3.6.5"		-		Affected
Redhat Search vendor "Redhat"		Ansible Tower Search vendor "Redhat" for product "Ansible Tower"				>= 3.7.0 <= 3.7.2 Search vendor "Redhat" for product "Ansible Tower" and version " >= 3.7.0 <= 3.7.2"		-		Affected
Redhat Search vendor "Redhat"		Ansible Tower Search vendor "Redhat" for product "Ansible Tower"				3.0 Search vendor "Redhat" for product "Ansible Tower" and version "3.0"		-		Affected
Redhat Search vendor "Redhat"		Ceph Storage Search vendor "Redhat" for product "Ceph Storage"				2.0 Search vendor "Redhat" for product "Ceph Storage" and version "2.0"		-		Affected
Redhat Search vendor "Redhat"		Ceph Storage Search vendor "Redhat" for product "Ceph Storage"				3.0 Search vendor "Redhat" for product "Ceph Storage" and version "3.0"		-		Affected
Redhat Search vendor "Redhat"		Openstack Platform Search vendor "Redhat" for product "Openstack Platform"				10.0 Search vendor "Redhat" for product "Openstack Platform" and version "10.0"		-		Affected
Redhat Search vendor "Redhat"		Openstack Platform Search vendor "Redhat" for product "Openstack Platform"				13.0 Search vendor "Redhat" for product "Openstack Platform" and version "13.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0"		-		Affected