Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-1736

Опубликовано: 16 мар. 2020
Источник: debian
EPSS Низкий

Описание

A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ansibleunfixedpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1802124

  • https://github.com/ansible/ansible/issues/67794 (closed upstream)

  • https://github.com/ansible/ansible/pull/70221 (not merged)

  • The issue will not be fixed source-wise, but to avoid the issue raised in

  • CVE-2020-1736 one should specify a mode parameter in all file-based tasks

  • that accept it, cf. https://github.com/ansible/ansible/commit/7eec8e4d268d6711f317583974e9e936083de636

  • That just leaves a race condition in place where newly created files that

  • specify a mode in the task briefly go from (666 - umask) to the final mode.

  • An alternative workaround if many new files are ansible.builtin.copy mode=preserve

  • that preserve file mode from controller to managed host.

  • Documentation fix: https://github.com/ansible/ansible/commit/bc37976df2ac455a4b74d48eb824803ef27df7bc

EPSS

Процентиль: 12%
0.0004
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-1736

CVSS3: 2.2
ubuntu
почти 6 лет назад

A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.

redhat логотип

CVE-2020-1736

CVSS3: 2.2
redhat
почти 6 лет назад

A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.

nvd логотип

CVE-2020-1736

CVSS3: 2.2
nvd
почти 6 лет назад

A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.

github логотип

GHSA-x7jh-595q-wq82

CVSS3: 3.3
github
почти 4 года назад

Incorrect Permission Assignment for Critical Resource in Ansible

suse-cvrf логотип

openSUSE-SU-2022:0081-1

suse-cvrf
почти 4 года назад

Security update for ansible

EPSS

Процентиль: 12%
0.0004
Низкий