Vulnerability CVE-2017-7481
Published: 2018-07-19

Description:
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.

Type:

CWE-20

 (Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Redhat -> Ansible engine 
Redhat -> Gluster storage 
Redhat -> Openshift container platform 
Redhat -> Openstack 
Redhat -> Virtualization 

 References:
http://www.securityfocus.com/bid/98492
https://access.redhat.com/errata/RHSA-2017:1244
https://access.redhat.com/errata/RHSA-2017:1334
https://access.redhat.com/errata/RHSA-2017:1476
https://access.redhat.com/errata/RHSA-2017:1499
https://access.redhat.com/errata/RHSA-2017:1599
https://access.redhat.com/errata/RHSA-2017:2524
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481
https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2
https://usn.ubuntu.com/4072-1/
Copyright 2024, cxsecurity.com

 

Back to Top