
CVE-2021-3701

Published: 23 Jun 2021
Source: redhat
CVSS3: 6.6
EPSS: Low

Description

A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate user in a place they did not expect. The highest threat from this vulnerability is to confidentiality and integrity.

Report

Red Hat Ceph Storage 4 ships an older version of ansible-runner, which does not include the affected code. However, it does use a hardcoded path to the private data, with shipping a vulnerable os.path.join functionality, which could result in an attacker pre-creating the directory for the private data with world R/W permissions as in this exploit. As a result, it has been assigned an impact of low.
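
The description and the report above both turn on a private data directory that another local user can create first. The following is an added example, not code from ansible-runner or from this advisory: a Python sketch of creating such a directory without trusting a pre-created one. The names `open_private_dir`, `fresh_private_dir` and `UnsafeDirectory`, and the sample paths, are hypothetical.

```python
import os
import stat
import tempfile


class UnsafeDirectory(Exception):
    """Raised when an existing directory cannot be trusted for private data."""


def open_private_dir(path):
    """Create `path` with mode 0700, or accept it only if it is already safe.

    Hypothetical helper: rejects a directory pre-created by another user,
    a symlink planted at the path, and group/other permission bits.
    """
    try:
        # mkdir fails if anything (directory, file, symlink) already exists
        # at the path, so a directory created here is always our own.
        os.mkdir(path, 0o700)
        return path
    except FileExistsError:
        pass

    st = os.lstat(path)  # lstat: do not follow a planted symlink
    if not stat.S_ISDIR(st.st_mode):
        raise UnsafeDirectory(f"{path}: not a real directory")
    if st.st_uid != os.geteuid():
        raise UnsafeDirectory(f"{path}: owned by uid {st.st_uid}")
    if stat.S_IMODE(st.st_mode) & 0o077:
        raise UnsafeDirectory(f"{path}: group/other access bits are set")
    return path


def fresh_private_dir(prefix="runner-"):
    """Preferred form: unpredictable name, created atomically with mode 0700."""
    return tempfile.mkdtemp(prefix=prefix)


if __name__ == "__main__":
    base = tempfile.mkdtemp()                  # constructed sandbox
    loose = os.path.join(base, "precreated")   # simulates a pre-created dir
    os.mkdir(loose)
    os.chmod(loose, 0o777)
    try:
        open_private_dir(loose)
    except UnsafeDirectory as exc:
        print("rejected:", exc)
    print("created:", open_private_dir(os.path.join(base, "private")))
```

The checks in `open_private_dir` only make sense for a fixed, predictable path; where the path does not have to be predictable, `fresh_private_dir` avoids the problem entirely.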

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| CloudForms Management Engine 5 | ansible-runner | Not affected | | |
| Red Hat Ansible Automation Platform 1.2 | ansible-runner | Not affected | | |
| Red Hat Ansible Automation Platform 2 | ansible-runner | Not affected | | |
| Red Hat Ansible Tower 3 | ansible-runner | Not affected | | |
| Red Hat Ansible Tower 3 | python2-ansible-runner | Not affected | | |
| Red Hat Ansible Tower 3 | python3-ansible-runner | Not affected | | |
| Red Hat Ceph Storage 4 | ansible-runner | Affected | | |
| Red Hat OpenShift Container Platform 3.11 | ansible-runner | Not affected | | |
| Red Hat OpenShift Container Platform 4 | ansible-runner | Not affected | | |
| Red Hat OpenStack Platform 13 (Queens) | python-ansible-runner | Not affected | | |


Additional information

Status: Moderate
Defect: CWE-276
https://bugzilla.redhat.com/show_bug.cgi?id=1977959 ansible-runner: Artifacts are written to world rw location by default

EPSS

Percentile: 34%
0.00133
Low

CVSS3: 6.6 Medium

Related vulnerabilities

CVSS3: 6.6
ubuntu
more than 3 years ago

A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate user in a place they did not expect. The highest threat from this vulnerability is to confidentiality and integrity.

CVSS3: 6.6
nvd
more than 3 years ago

A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate user in a place they did not expect. The highest threat from this vulnerability is to confidentiality and integrity.

CVSS3: 6.6
debian
more than 3 years ago

A flaw was found in ansible-runner where the default temporary files c ...

CVSS3: 6.6
github
more than 3 years ago

ansible-runner has default temporary files written to world R/W locations
