#VU101827 Security features bypass in Ansible - CVE-2024-11079


Vulnerability identifier: #VU101827

Vulnerability risk: High

CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-11079

CWE-ID: CWE-254

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Ansible
Server applications / Remote management servers, RDP, SSH

Vendor: Red Hat Inc.

Description

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to application allows to use hostvars object to reference and execute templated content. A remote user can bypass unsafe content protections and execute arbitrary code if remote data or module outputs are improperly templated within playbooks.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Ansible: 2.15.0 rc1 - 2.18.1 rc1

External links
https://access.redhat.com/errata/RHSA-2024:10770
https://access.redhat.com/errata/RHSA-2024:11145
https://access.redhat.com/security/cve/CVE-2024-11079
https://bugzilla.redhat.com/show_bug.cgi?id=2325171

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM Watson Speech Services Cartridge
Multiple vulnerabilities in IBM Maximo Application Suite - IoT Component
Multiple vulnerabilities in Ansible Automation Platform 2.5 packages
Multiple vulnerabilities in Ansible Automation Platform 2.5 packages
Security restrictinos bypass in Ansible