OpenSUSE Linux update for ansible
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2018-16837 CVE-2018-16859 CVE-2018-16876 CVE-2019-3828 |
| CWE-ID | CWE-200 CWE-22 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
SUSE Package Hub for SUSE Linux Enterprise Universal components / Libraries / Libraries used by multiple products |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU15721
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16837
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to Ansible "User" module exposes data passed as parameter to ssh-keygen. A local user with ability to view process list can obtain sensitive information.
MitigationUpdate the affected packages.
SUSE Package Hub for SUSE Linux Enterprise: 12
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU16312
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16859
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker with administrative privileges to obtain potentially sensitive information.
The vulnerability exists due to the plaintext exposure of “become” passwords when Ansible playbooks are executed on a Windows system with PowerShell scriptblock logging and module logging. A local attacker can discover the plaintext password that can be used to conduct further attacks.
MitigationUpdate the affected packages.
SUSE Package Hub for SUSE Linux Enterprise: 12
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU16629
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16876
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to the affected software does not honor the no_log flag for failed tasks with vvv+ mode enabled. A remote attacker can send a specially crafted request to a targeted system via a connection plug-in that is designed to trigger connection exceptions, which could cause task information to be logged and access sensitive information, which could be used to conduct further attacks.
MitigationUpdate the affected packages.
SUSE Package Hub for SUSE Linux Enterprise: 12
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Path traversal
EUVDB-ID: #VU21766
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-3828
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and copy and overwrite files outside of the specified destination in the local ansible controller host.
MitigationUpdate the affected packages.
SUSE Package Hub for SUSE Linux Enterprise: 12
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
