Описание
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.
A flaw was found in ansible. The vault subsystem does not set the umask before creation or modification of a vault file which allows local users to obtain sensitive key information by reading a file. The highest threat from this vulnerability is to data confidentiality.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| CloudForms Management Engine 5 | ansible | Not affected | ||
| Red Hat Ansible Engine 2 | ansible | Not affected | ||
| Red Hat Ansible Tower 3 | ansible | Not affected | ||
| Red Hat Ceph Storage 2 | ansible | Not affected | ||
| Red Hat Ceph Storage 3 | ansible | Not affected | ||
| Red Hat OpenStack Platform 10 (Newton) | ansible | Not affected | ||
| Red Hat OpenStack Platform 13 (Queens) | ansible | Not affected | ||
| Red Hat Storage 3 | ansible | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.
The vault subsystem in Ansible before 1.5.5 does not set the umask bef ...
EPSS
5.5 Medium
CVSS3