Code Injection in Ansible Automation Platform 2.0 packages



Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2021-3583
CWE-ID CWE-94
Exploitation vector Network
Public exploit N/A
Vulnerable software
Ansible
Server applications / Remote management servers, RDP, SSH

tini (Red Hat package)
Operating systems & Components / Operating system package or component

supervisor (Red Hat package)
Operating systems & Components / Operating system package or component

sshpass (Red Hat package)
Operating systems & Components / Operating system package or component

rhc-catalog-worker (Red Hat package)
Operating systems & Components / Operating system package or component

receptor (Red Hat package)
Operating systems & Components / Operating system package or component

python3x-pip (Red Hat package)
Operating systems & Components / Operating system package or component

python38-requirements-parser (Red Hat package)
Operating systems & Components / Operating system package or component

python38-onigurumacffi (Red Hat package)
Operating systems & Components / Operating system package or component

python38-importlib-resources (Red Hat package)
Operating systems & Components / Operating system package or component

python38-dateutil (Red Hat package)
Operating systems & Components / Operating system package or component

python38-click (Red Hat package)
Operating systems & Components / Operating system package or component

python3-semantic-version (Red Hat package)
Operating systems & Components / Operating system package or component

python3-markupsafe (Red Hat package)
Operating systems & Components / Operating system package or component

python3-jinja2 (Red Hat package)
Operating systems & Components / Operating system package or component

python3-gnupg (Red Hat package)
Operating systems & Components / Operating system package or component

python3-django (Red Hat package)
Operating systems & Components / Operating system package or component

python3-click (Red Hat package)
Operating systems & Components / Operating system package or component

python-zipp (Red Hat package)
Operating systems & Components / Operating system package or component

python-yarl (Red Hat package)
Operating systems & Components / Operating system package or component

python-xlwt (Red Hat package)
Operating systems & Components / Operating system package or component

python-xlrd (Red Hat package)
Operating systems & Components / Operating system package or component

python-whitenoise (Red Hat package)
Operating systems & Components / Operating system package or component

python-wcmatch (Red Hat package)
Operating systems & Components / Operating system package or component

python-urlman (Red Hat package)
Operating systems & Components / Operating system package or component

python-urllib3 (Red Hat package)
Operating systems & Components / Operating system package or component

python-url-normalize (Red Hat package)
Operating systems & Components / Operating system package or component

python-uritemplate (Red Hat package)
Operating systems & Components / Operating system package or component

python-typing-extensions (Red Hat package)
Operating systems & Components / Operating system package or component

python-typing (Red Hat package)
Operating systems & Components / Operating system package or component

python-tenacity (Red Hat package)
Operating systems & Components / Operating system package or component

python-tablib (Red Hat package)
Operating systems & Components / Operating system package or component

python-sqlparse (Red Hat package)
Operating systems & Components / Operating system package or component

python-six (Red Hat package)
Operating systems & Components / Operating system package or component

python-ruamel-yaml-clib (Red Hat package)
Operating systems & Components / Operating system package or component

python-ruamel-yaml (Red Hat package)
Operating systems & Components / Operating system package or component

python-rq (Red Hat package)
Operating systems & Components / Operating system package or component

python-rich (Red Hat package)
Operating systems & Components / Operating system package or component

python-resolvelib (Red Hat package)
Operating systems & Components / Operating system package or component

python-requests (Red Hat package)
Operating systems & Components / Operating system package or component

python-redis (Red Hat package)
Operating systems & Components / Operating system package or component

python-pyyaml (Red Hat package)
Operating systems & Components / Operating system package or component

python-pytz (Red Hat package)
Operating systems & Components / Operating system package or component

python-pyrsistent (Red Hat package)
Operating systems & Components / Operating system package or component

python-pyparsing (Red Hat package)
Operating systems & Components / Operating system package or component

python-pyjwt (Red Hat package)
Operating systems & Components / Operating system package or component

python-pyjwkest (Red Hat package)
Operating systems & Components / Operating system package or component

python-pygtrie (Red Hat package)
Operating systems & Components / Operating system package or component

python-pygments (Red Hat package)
Operating systems & Components / Operating system package or component

python-pyflakes (Red Hat package)
Operating systems & Components / Operating system package or component

python-pycryptodomex (Red Hat package)
Operating systems & Components / Operating system package or component

python-pycparser (Red Hat package)
Operating systems & Components / Operating system package or component

python-pycodestyle (Red Hat package)
Operating systems & Components / Operating system package or component

python-pycares (Red Hat package)
Operating systems & Components / Operating system package or component

python-pyOpenSSL (Red Hat package)
Operating systems & Components / Operating system package or component

python-pulpcore (Red Hat package)
Operating systems & Components / Operating system package or component

python-pulp-container (Red Hat package)
Operating systems & Components / Operating system package or component

python-pulp-ansible (Red Hat package)
Operating systems & Components / Operating system package or component

python-ptyprocess (Red Hat package)
Operating systems & Components / Operating system package or component

python-psycopg2 (Red Hat package)
Operating systems & Components / Operating system package or component

python-prometheus-client (Red Hat package)
Operating systems & Components / Operating system package or component

python-pexpect (Red Hat package)
Operating systems & Components / Operating system package or component

python-pbr (Red Hat package)
Operating systems & Components / Operating system package or component

python-packaging (Red Hat package)
Operating systems & Components / Operating system package or component

python-openpyxl (Red Hat package)
Operating systems & Components / Operating system package or component

python-odfpy (Red Hat package)
Operating systems & Components / Operating system package or component

python-multidict (Red Hat package)
Operating systems & Components / Operating system package or component

python-meld3 (Red Hat package)
Operating systems & Components / Operating system package or component

python-mccabe (Red Hat package)
Operating systems & Components / Operating system package or component

python-markuppy (Red Hat package)
Operating systems & Components / Operating system package or component

python-markdown (Red Hat package)
Operating systems & Components / Operating system package or component

python-lockfile (Red Hat package)
Operating systems & Components / Operating system package or component

python-jsonschema (Red Hat package)
Operating systems & Components / Operating system package or component

python-inflection (Red Hat package)
Operating systems & Components / Operating system package or component

python-importlib-metadata (Red Hat package)
Operating systems & Components / Operating system package or component

python-idna-ssl (Red Hat package)
Operating systems & Components / Operating system package or component

python-idna (Red Hat package)
Operating systems & Components / Operating system package or component

python-gunicorn (Red Hat package)
Operating systems & Components / Operating system package or component

python-galaxy-ng (Red Hat package)
Operating systems & Components / Operating system package or component

python-galaxy-importer (Red Hat package)
Operating systems & Components / Operating system package or component

python-future (Red Hat package)
Operating systems & Components / Operating system package or component

python-flake8 (Red Hat package)
Operating systems & Components / Operating system package or component

python-et-xmlfile (Red Hat package)
Operating systems & Components / Operating system package or component

python-enrich (Red Hat package)
Operating systems & Components / Operating system package or component

python-ecdsa (Red Hat package)
Operating systems & Components / Operating system package or component

python-dynaconf (Red Hat package)
Operating systems & Components / Operating system package or component

python-drf-spectacular (Red Hat package)
Operating systems & Components / Operating system package or component

python-drf-nested-routers (Red Hat package)
Operating systems & Components / Operating system package or component

python-drf-access-policy (Red Hat package)
Operating systems & Components / Operating system package or component

python-docutils (Red Hat package)
Operating systems & Components / Operating system package or component

python-djangorestframework-queryfields (Red Hat package)
Operating systems & Components / Operating system package or component

python-djangorestframework (Red Hat package)
Operating systems & Components / Operating system package or component

python-django-prometheus (Red Hat package)
Operating systems & Components / Operating system package or component

python-django-lifecycle (Red Hat package)
Operating systems & Components / Operating system package or component

python-django-import-export (Red Hat package)
Operating systems & Components / Operating system package or component

python-django-guid (Red Hat package)
Operating systems & Components / Operating system package or component

python-django-guardian (Red Hat package)
Operating systems & Components / Operating system package or component

python-django-filter (Red Hat package)
Operating systems & Components / Operating system package or component

python-django-currentuser (Red Hat package)
Operating systems & Components / Operating system package or component

python-diff-match-patch (Red Hat package)
Operating systems & Components / Operating system package or component

python-defusedxml (Red Hat package)
Operating systems & Components / Operating system package or component

python-dataclasses (Red Hat package)
Operating systems & Components / Operating system package or component

python-daemon (Red Hat package)
Operating systems & Components / Operating system package or component

python-commonmark (Red Hat package)
Operating systems & Components / Operating system package or component

python-colorama (Red Hat package)
Operating systems & Components / Operating system package or component

python-cffi (Red Hat package)
Operating systems & Components / Operating system package or component

python-certifi (Red Hat package)
Operating systems & Components / Operating system package or component

python-bracex (Red Hat package)
Operating systems & Components / Operating system package or component

python-backoff (Red Hat package)
Operating systems & Components / Operating system package or component

python-attrs (Red Hat package)
Operating systems & Components / Operating system package or component

python-asyncio-throttle (Red Hat package)
Operating systems & Components / Operating system package or component

python-async-timeout (Red Hat package)
Operating systems & Components / Operating system package or component

python-async-lru (Red Hat package)
Operating systems & Components / Operating system package or component

python-aiohttp (Red Hat package)
Operating systems & Components / Operating system package or component

python-aiofiles (Red Hat package)
Operating systems & Components / Operating system package or component

python-aiodns (Red Hat package)
Operating systems & Components / Operating system package or component

pulpcore-selinux (Red Hat package)
Operating systems & Components / Operating system package or component

oniguruma (Red Hat package)
Operating systems & Components / Operating system package or component

helm (Red Hat package)
Operating systems & Components / Operating system package or component

dumb-init (Red Hat package)
Operating systems & Components / Operating system package or component

automation-hub (Red Hat package)
Operating systems & Components / Operating system package or component

automation-controller (Red Hat package)
Operating systems & Components / Operating system package or component

ansible-runner (Red Hat package)
Operating systems & Components / Operating system package or component

ansible-navigator (Red Hat package)
Operating systems & Components / Operating system package or component

ansible-lint (Red Hat package)
Operating systems & Components / Operating system package or component

ansible-core (Red Hat package)
Operating systems & Components / Operating system package or component

ansible-builder (Red Hat package)
Operating systems & Components / Operating system package or component

python-bleach-allowlist (Red Hat package)
Operating systems & Components / Operating system package or component

python-bleach (Red Hat package)
Operating systems & Components / Operating system package or component

Ansible Automation Platform
Server applications / Other server solutions

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Code Injection

EUVDB-ID: #VU54626

Risk: High

CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-3583

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing yaml multi-line strings with ansible facts in templates. A remote attacker can trick the victim to open a specially crafted yaml template and execute arbitrary commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Ansible: before 2.9.23-1.el8ap

tini (Red Hat package): before 0.16.1-1.el8at

supervisor (Red Hat package): before 4.2.1-1.el8at

sshpass (Red Hat package): before 1.06-3.el8ae

rhc-catalog-worker (Red Hat package): before 0.1.6-2.el8ap

receptor (Red Hat package): before 1.0.0-1.el8ap

python3x-pip (Red Hat package): before 20.2.4-4.el8

python38-requirements-parser (Red Hat package): before 0.2.0-3.el8ap

python38-onigurumacffi (Red Hat package): before 1.1.0-1.el8ap

python38-importlib-resources (Red Hat package): before 1.1.0-2.el8ap

python38-dateutil (Red Hat package): before 2.6.1-8.el8ap

python38-click (Red Hat package): before 7.1.2-3.el8ap

python3-semantic-version (Red Hat package): before 2.8.5-3.el8pc

python3-markupsafe (Red Hat package): before 1.1.1-4.el8pc

python3-jinja2 (Red Hat package): before 2.11.3-1.el8pc

python3-gnupg (Red Hat package): before 0.4.7-1.el8pc

python3-django (Red Hat package): before 2.2.23-1.el8pc

python3-click (Red Hat package): before 7.1.2-3.el8pc

python-zipp (Red Hat package): before 3.4.0-2.el8pc

python-yarl (Red Hat package): before 1.6.3-1.el8pc

python-xlwt (Red Hat package): before 1.3.0-1.el8pc

python-xlrd (Red Hat package): before 2.0.1-1.el8pc

python-whitenoise (Red Hat package): before 5.2.0-1.el8pc

python-wcmatch (Red Hat package): before 8.1.2-1.el8pc

python-urlman (Red Hat package): before 1.4.0-1.el8pc

python-urllib3 (Red Hat package): before 1.26.4-1.el8pc

python-url-normalize (Red Hat package): before 1.4.3-2.el8pc

python-uritemplate (Red Hat package): before 3.0.1-2.el8pc

python-typing-extensions (Red Hat package): before 3.7.4.3-1.el8pc

python-typing (Red Hat package): before 3.7.4.3-1.el8pc

python-tenacity (Red Hat package): before 7.0.0-1.el8pc

python-tablib (Red Hat package): before 3.0.0-1.el8pc

python-sqlparse (Red Hat package): before 0.4.1-1.el8pc

python-six (Red Hat package): before 1.15.0-1.el8pc

python-ruamel-yaml-clib (Red Hat package): before 0.2.0-2.el8pc

python-ruamel-yaml (Red Hat package): before 0.16.10-1.el8pc

python-rq (Red Hat package): before 1.7.0-2.el8pc

python-rich (Red Hat package): before 10.0.1-1.el8pc

python-resolvelib (Red Hat package): before 0.5.4-4.el8ap

python-requests (Red Hat package): before 2.25.1-1.el8pc

python-redis (Red Hat package): before 3.5.3-1.el8pc

python-pyyaml (Red Hat package): before 5.4.1-1.el8pc

python-pytz (Red Hat package): before 2021.1-1.el8pc

python-pyrsistent (Red Hat package): before 0.17.3-1.el8pc

python-pyparsing (Red Hat package): before 2.4.7-1.el8pc

python-pyjwt (Red Hat package): before 1.7.1-3.el8pc

python-pyjwkest (Red Hat package): before 1.4.2-2.el8pc

python-pygtrie (Red Hat package): before 2.4.2-1.el8pc

python-pygments (Red Hat package): before 2.8.1-1.el8pc

python-pyflakes (Red Hat package): before 2.3.1-1.el8pc

python-pycryptodomex (Red Hat package): before 3.10.1-1.el8pc

python-pycparser (Red Hat package): before 2.20-1.el8pc

python-pycodestyle (Red Hat package): before 2.7.0-1.el8pc

python-pycares (Red Hat package): before 3.1.1-2.el8pc

python-pyOpenSSL (Red Hat package): before 19.1.0-1.el8pc

python-pulpcore (Red Hat package): before 3.11.2-2.el8pc

python-pulp-container (Red Hat package): before 2.5.3-1.el8pc

python-pulp-ansible (Red Hat package): before 0.7.3-1.el8pc

python-ptyprocess (Red Hat package): before 0.5.2-4.el8ap

python-psycopg2 (Red Hat package): before 2.8.6-1.el8pc

python-prometheus-client (Red Hat package): before 0.8.0-1.el8pc

python-pexpect (Red Hat package): before 4.6-3.el8ap

python-pbr (Red Hat package): before 5.5.1-6.el8ap

python-packaging (Red Hat package): before 20.9-1.el8pc

python-openpyxl (Red Hat package): before 3.0.7-1.el8pc

python-odfpy (Red Hat package): before 1.4.1-2.el8pc

python-multidict (Red Hat package): before 5.1.0-1.el8pc

python-meld3 (Red Hat package): before 1.0.2-10.el8at

python-mccabe (Red Hat package): before 0.6.1-1.el8pc

python-markuppy (Red Hat package): before 1.14-1.el8pc

python-markdown (Red Hat package): before 3.3.4-1.el8pc

python-lockfile (Red Hat package): before 0.11.0-9.el8ap

python-jsonschema (Red Hat package): before 3.2.0-4.el8pc

python-inflection (Red Hat package): before 0.5.0-1.el8pc

python-importlib-metadata (Red Hat package): before 1.7.0-1.el8pc

python-idna-ssl (Red Hat package): before 1.1.0-3.el8pc

python-idna (Red Hat package): before 2.10-1.el8pc

python-gunicorn (Red Hat package): before 20.0.4-2.el8pc

python-galaxy-ng (Red Hat package): before 4.3.2-1.el8pc

python-galaxy-importer (Red Hat package): before 0.3.2-1.el8pc

python-future (Red Hat package): before 0.18.2-3.el8pc

python-flake8 (Red Hat package): before 3.9.2-1.el8pc

python-et-xmlfile (Red Hat package): before 1.0.1-1.el8pc

python-enrich (Red Hat package): before 1.2.6-1.el8pc

python-ecdsa (Red Hat package): before 0.13.3-2.el8pc

python-dynaconf (Red Hat package): before 3.1.4-1.el8pc

python-drf-spectacular (Red Hat package): before 0.13.2-1.el8pc

python-drf-nested-routers (Red Hat package): before 0.93.3-1.el8pc

python-drf-access-policy (Red Hat package): before 0.8.7-1.el8pc

python-docutils (Red Hat package): before 0.14-7.el8ap

python-djangorestframework-queryfields (Red Hat package): before 1.0.0-3.el8pc

python-djangorestframework (Red Hat package): before 3.12.4-1.el8pc

python-django-prometheus (Red Hat package): before 2.1.0-1.el8pc

python-django-lifecycle (Red Hat package): before 0.9.1-1.el8pc

python-django-import-export (Red Hat package): before 2.5.0-1.el8pc

python-django-guid (Red Hat package): before 2.2.1-1.el8pc

python-django-guardian (Red Hat package): before 2.3.0-1.el8pc

python-django-filter (Red Hat package): before 2.4.0-1.el8pc

python-django-currentuser (Red Hat package): before 0.5.3-1.el8pc

python-diff-match-patch (Red Hat package): before 20200713-1.el8pc

python-defusedxml (Red Hat package): before 0.7.1-1.el8pc

python-dataclasses (Red Hat package): before 0.8-1.el8pc

python-daemon (Red Hat package): before 2.1.2-10.el8ap

python-commonmark (Red Hat package): before 0.9.1-1.el8pc

python-colorama (Red Hat package): before 0.4.4-1.el8pc

python-cffi (Red Hat package): before 1.14.5-1.el8pc

python-certifi (Red Hat package): before 2020.6.20-1.el8pc

python-bracex (Red Hat package): before 2.1.1-1.el8pc

python-backoff (Red Hat package): before 1.10.0-3.el8pc

python-attrs (Red Hat package): before 21.2.0-1.el8pc

python-asyncio-throttle (Red Hat package): before 1.0.2-1.el8pc

python-async-timeout (Red Hat package): before 3.0.1-2.el8pc

python-async-lru (Red Hat package): before 1.0.2-1.el8pc

python-aiohttp (Red Hat package): before 3.7.4-1.el8pc

python-aiofiles (Red Hat package): before 0.6.0-1.el8pc

python-aiodns (Red Hat package): before 2.0.0-3.el8pc

pulpcore-selinux (Red Hat package): before 1.2.4-1.el8pc

oniguruma (Red Hat package): before 6.9.7.1-1.el8ap

helm (Red Hat package): before 3.3.4-2.el8at

dumb-init (Red Hat package): before 1.2.5-1.el8ap

automation-hub (Red Hat package): before 4.3.2-1.el8pc

automation-controller (Red Hat package): before 4.0.0-1.el8ap

ansible-runner (Red Hat package): before 2.0.1-1.el8ap

ansible-navigator (Red Hat package): before 1.0.0-2.el8ap

ansible-lint (Red Hat package): before 5.0.8-1.el8pc

ansible-core (Red Hat package): before 2.11.2-2.el8ap

ansible-builder (Red Hat package): before 1.0.1-1.el8ap

Ansible Automation Platform: before 2.0.0

python-bleach-allowlist (Red Hat package): before 1.0.3-1.el8pc

python-bleach (Red Hat package): before 3.3.0-1.el8pc

CPE2.3 External links

http://access.redhat.com/errata/RHBA-2021:2703


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###