Redhat Ansible vulnerabilities

CVE-2020-14332 [MEDIUM] CWE-117 Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from th

CVE-2021-3583 [HIGH] CWE-20 CVE-2021-3583: A flaw was found in Ansible, where a user's controller is vulnerable to template injection A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which disclos

CVE-2021-3533 CVE-2021-3533: A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansi

CVE-2020-10729 [MEDIUM] CWE-330 CVE-2020-10729: A flaw was found in the use of insufficiently random values in Ansible A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.

CVE-2021-20191 [MEDIUM] CWE-532 CVE-2021-20191: A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by def A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are

CVE-2021-20178 [MEDIUM] CWE-532 CVE-2021-20178: A flaw was found in ansible module where credentials are disclosed in the console log by default and A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.

CVE-2021-20228 [HIGH] CWE-200 CVE-2021-20228: A flaw was found in the Ansible Engine 2 A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.

CVE-2019-14905 [HIGH] CWE-20 Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used t

CVE-2020-1737 [HIGH] CWE-22 Path Traversal in Ansible Path Traversal in Ansible A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.

CVE-2020-1746 [MEDIUM] CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in ansible Exposure of Sensitive Information to an Unauthorized Actor in ansible A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to

CVE-2020-10691 [MEDIUM] CWE-22 Path Traversal in Ansible Path Traversal in Ansible An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running `ansible-galaxy collection` install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.

CVE-2020-1753 [MEDIUM] CWE-200 Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible

CVE-2020-10685 [MEDIUM] CWE-377 Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s

CVE-2021-3447 [MEDIUM] CWE-532 CVE-2021-3447: A flaw was found in several ansible modules, where parameters containing credentials, such as secret A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal th

CVE-2020-25646 [HIGH] CVE-2020-25646: A flaw was found in Ansible Collection community A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality

CVE-2020-25636 [HIGH] CWE-377 CVE-2020-25636: A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace s A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.

CVE-2020-25635 [MEDIUM] CWE-212 CVE-2020-25635: A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is no A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.

CVE-2020-14365 [HIGH] CWE-347 CVE-2020-14365: A flaw was found in the Ansible Engine, in ansible-engine 2 A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via packag

CVE-2019-14904 [HIGH] CWE-20 CVE-2019-14904: A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the nam A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the r

CVE-2020-10744 [MEDIUM] CWE-377 CVE-2020-10744: An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary direct An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansib