CVE-2020-1734
published 2020-03-03
high 7.4 CVSS 3.1
AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
A flaw was found in the pipe lookup plugin of Ansible. The plugin uses subprocess.Popen() with shell=True, so arbitrary commands can be run by overwriting Ansible facts when the variable is not escaped by the quote plugin. An attacker could take advantage of this and run arbitrary commands by overwriting the Ansible facts.
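The pattern described above, as an added Python example that is not Ansible's plugin code: a simplified stand-in for a `shell=True` lookup, run with a fact value interpolated raw, then quoted, then passed as an argv list with no shell. All function names and fact values are constructed for illustration, `shlex.quote` stands in for the quoting step, and a POSIX `sh` with `echo` is assumed.

```python
import shlex
import subprocess

# Constructed sample fact values: one as expected, one overwritten.
BENIGN = "web01"
TAMPERED = "web01; echo INJECTED"


def run_pipe_unsafe(term: str) -> str:
    """Stand-in for the flawed pattern: the whole string is parsed by sh."""
    proc = subprocess.Popen(term, shell=True, stdout=subprocess.PIPE,
                            stderr=subprocess.DEVNULL)
    out, _ = proc.communicate()
    return out.decode().rstrip()


def build_raw(fact: str) -> str:
    # Fact interpolated as-is: shell metacharacters in it stay live.
    return "echo host=" + fact


def build_quoted(fact: str) -> str:
    # Fact escaped first: the shell sees exactly one inert word.
    return "echo host=" + shlex.quote(fact)


def run_argv(fact: str) -> str:
    # Hardened alternative: argv list, no shell involved at all.
    done = subprocess.run(["echo", "host=" + fact],
                          stdout=subprocess.PIPE, check=True)
    return done.stdout.decode().rstrip()


def needs_quoting(fact: str) -> bool:
    # Review aid: True when the value holds characters a shell would interpret.
    return shlex.quote(fact) != fact


if __name__ == "__main__":
    for fact in (BENIGN, TAMPERED):
        print("fact:", repr(fact), "needs quoting:", needs_quoting(fact))
        print("  raw   :", repr(run_pipe_unsafe(build_raw(fact))))
        print("  quoted:", repr(run_pipe_unsafe(build_quoted(fact))))
        print("  argv  :", repr(run_argv(fact)))
```

With the tampered value, only the raw path produces a second line of output, which is the sign that the shell executed a second command.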
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ansible | — | — |
| red_hat | ansible | — | — |
| redhat | ansible | >= 0 < 2.8.13 | 2.8.13 |
| redhat | ansible | >= 2.10.0a1 < 2.10.0rc1 | 2.10.0rc1 |
| redhat | ansible | >= 2.9.0a1 < 2.9.11 | 2.9.11 |
| redhat | ansible_engine | <= 2.7.16 | — |
| redhat | ansible_engine | — | — |
| redhat | ansible_engine | — | — |
| redhat | ansible_tower | <= 3.3.4 | — |
| redhat | ansible_tower | — | — |
| redhat | ansible_tower | — | — |
| redhat | ansible_tower | — | — |
CVSS provenance
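| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.4 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L |
| osv | | 7.4 | HIGH | |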