#VU29017 Code Injection in Red Hat Ansible Engine - CVE-2020-10684
Published: June 15, 2020
Vulnerability identifier: #VU29017
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-10684
CWE-ID: CWE-94
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Red Hat Ansible Engine
Red Hat Ansible Engine
Software vendor:
Red Hat Inc.
Red Hat Inc.
Description
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation when using "ansible_facts" as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the "ansible_facts" after the clean. A local user can alter the "ansible_facts", such as "ansible_hosts", "users" and any other key data which would lead into privilege escalation or code injection
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install updates from vendor's website.
External links
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10684
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
- https://security.gentoo.org/glsa/202006-11