#VU6639 Improper input validation in Red Hat OpenShift Container Platform


Published: 2020-03-18

Vulnerability identifier: #VU6639

Vulnerability risk: Medium

CVSSv3.1: 8.1 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2016-9587, CVE-2017-7466

CWE-ID: CWE-20

Exploitation vector: Local network

Exploit availability: Yes

Vulnerable software:
Red Hat OpenShift Container Platform
Client/Desktop applications / Software for system administration

Vendor: Red Hat Inc.

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing responses sent by clients to the Ansible server. A remote client can send a specially crafted response and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation
Install the update from the vendor's repository.

Red Hat OpenShift Container Platform 3.5

SRPM
ansible-2.2.3.0-1.el7.src.rpm SHA-256: 988c92cd44be55653d279f84a5d97d2431c86a71385371f49cbb4f3848baff48
openshift-ansible-3.5.71-1.git.0.128c2db.el7.src.rpm SHA-256: 7072e36afb768955c2eae3c1fd0bc0b6fdac64a89a9d7b48a5fe3520684d1970
x86_64
ansible-2.2.3.0-1.el7.noarch.rpm SHA-256: 9fe1329c586a25834627eecff63db5b2fec5fbe1305eff434b3155ee81cb957f
atomic-openshift-utils-3.5.71-1.git.0.128c2db.el7.noarch.rpm SHA-256: a9c98e86ee8e874620923afb237e332dc748229d5491f2ba840b93900bb97116
openshift-ansible-3.5.71-1.git.0.128c2db.el7.noarch.rpm SHA-256: 37be7b3ac39e46ae43e07b32bbadb0b39a66431463a7311c03bd45586fbec35f
openshift-ansible-callback-plugins-3.5.71-1.git.0.128c2db.el7.noarch.rpm SHA-256: 392751f8f044ed723aab6bbb6d4351792a1f9ae09b100f80bdfa33157b401a39
openshift-ansible-docs-3.5.71-1.git.0.128c2db.el7.noarch.rpm SHA-256: 1ae22cbee56abf480895920f62304ce5fd64636d2723a5dd822366b8c61115c5
openshift-ansible-filter-plugins-3.5.71-1.git.0.128c2db.el7.noarch.rpm SHA-256: acab7b9c30266fdb4b0117141ea7773b7f523446e95fe54c879162ea753d0add
openshift-ansible-lookup-plugins-3.5.71-1.git.0.128c2db.el7.noarch.rpm SHA-256: fcba26f0930deef14bb0011b991b4f5155a1dfb441922fa1acef18fdb3581122
openshift-ansible-playbooks-3.5.71-1.git.0.128c2db.el7.noarch.rpm SHA-256: 3ff38bfd65af83de74e81ecbc082a06171ae50c2a7177ba5fd67898a549bc8eb
openshift-ansible-roles-3.5.71-1.git.0.128c2db.el7.noarch.rpm SHA-256: 78eba5ca0ae40839eb156c4483c9806bb5587c3663ea3f863c19c6cbe0a49e3d

Red Hat OpenShift Container Platform 3.4

SRPM
ansible-2.2.3.0-1.el7.src.rpm SHA-256: 988c92cd44be55653d279f84a5d97d2431c86a71385371f49cbb4f3848baff48
openshift-ansible-3.4.89-1.git.0.ac29ce8.el7.src.rpm SHA-256: e6edd94419288019ef93569f6a0eddb74cf5a93b17fdffca0cabd2313813d56f
x86_64
ansible-2.2.3.0-1.el7.noarch.rpm SHA-256: 9fe1329c586a25834627eecff63db5b2fec5fbe1305eff434b3155ee81cb957f
atomic-openshift-utils-3.4.89-1.git.0.ac29ce8.el7.noarch.rpm SHA-256: 1f37982a80885b4c15152a417a9e6c20d446951107808311aba6f1d1624b3148
openshift-ansible-3.4.89-1.git.0.ac29ce8.el7.noarch.rpm SHA-256: 36db61a640533927db9a4fc57f2a594e3a711cc4489922491fcaedd0e0a5fef1
openshift-ansible-callback-plugins-3.4.89-1.git.0.ac29ce8.el7.noarch.rpm SHA-256: 15b17e88aebe82f1b8ee4a66f0ae6c4df7ef2e0883271f649413f59860f390b8
openshift-ansible-docs-3.4.89-1.git.0.ac29ce8.el7.noarch.rpm SHA-256: a1b825d5c540ce15d24a5372a2557a43a6ea4ce1fba436f5d744fd1110f06971
openshift-ansible-filter-plugins-3.4.89-1.git.0.ac29ce8.el7.noarch.rpm SHA-256: a9f2f618d36645e958d28da173c2a04202b6c8b76c58e2bf3716b8999a7604b2
openshift-ansible-lookup-plugins-3.4.89-1.git.0.ac29ce8.el7.noarch.rpm SHA-256: 70c2ff5d078f7be355952b5fe4583f7da7c6401bffcc07ec5069edd1c630b756
openshift-ansible-playbooks-3.4.89-1.git.0.ac29ce8.el7.noarch.rpm SHA-256: fc91ec9e4b13ba8811b04f582b0fbfb99bdf0f767df0ea0ea0869a9557f66ab6
openshift-ansible-roles-3.4.89-1.git.0.ac29ce8.el7.noarch.rpm SHA-256: a082eb3b744f354d3f94b8a0c36fac71f3a1e5d580b89bad0dcc909b7c3e310c

Red Hat OpenShift Container Platform 3.3

SRPM
ansible-2.2.3.0-1.el7.src.rpm SHA-256: 988c92cd44be55653d279f84a5d97d2431c86a71385371f49cbb4f3848baff48
openshift-ansible-3.3.82-1.git.0.af0c922.el7.src.rpm SHA-256: 33938512c015d682f233fdf03f967c2158a0ff1bff45bbaad53c3aaefefe5eb5
x86_64
ansible-2.2.3.0-1.el7.noarch.rpm SHA-256: 9fe1329c586a25834627eecff63db5b2fec5fbe1305eff434b3155ee81cb957f
atomic-openshift-utils-3.3.82-1.git.0.af0c922.el7.noarch.rpm SHA-256: bb935752127fefdb945caad3319d0eee7f9c67c3d3a944e29065b3cdbdd67a17
openshift-ansible-3.3.82-1.git.0.af0c922.el7.noarch.rpm SHA-256: a72cb607abb4322b8b3c8511c8920ad4c46df3d64f7213f552950f10e216f89a
openshift-ansible-callback-plugins-3.3.82-1.git.0.af0c922.el7.noarch.rpm SHA-256: 334bd466dac0cb262969b556d0c3b581c4772dbd2d6b33290be5e469dc783c01
openshift-ansible-docs-3.3.82-1.git.0.af0c922.el7.noarch.rpm SHA-256: 9bbff60357c2c86f520f5e2bb5d16ce385c5b80c97a7781b37bea2a2dc0c8c68
openshift-ansible-filter-plugins-3.3.82-1.git.0.af0c922.el7.noarch.rpm SHA-256: 12c2ad25beff0cde04f84e68525bb95d31b1f053e35913bd50c290614fe869c4
openshift-ansible-lookup-plugins-3.3.82-1.git.0.af0c922.el7.noarch.rpm SHA-256: c4646860b3f4b3fee49fceaca3f5147e68fb4b2e37edb171898a98bb22ec3f1e
openshift-ansible-playbooks-3.3.82-1.git.0.af0c922.el7.noarch.rpm SHA-256: 02664ac20e869cb4f9c82246670d3e002161e2ebd3041046715277cebc3996f3
openshift-ansible-roles-3.3.82-1.git.0.af0c922.el7.noarch.rpm SHA-256: 2261624540dab20d18ea7222b83dcaaf4724fb704a0e041bde5283d0d4529314

Red Hat OpenShift Container Platform 3.2

SRPM
ansible-2.2.3.0-1.el7.src.rpm SHA-256: 988c92cd44be55653d279f84a5d97d2431c86a71385371f49cbb4f3848baff48
openshift-ansible-3.2.56-1.git.0.b844ab7.el7.src.rpm SHA-256: 4c1ae1c92b00251b3c2ccfb208efb639d8656101f854b07648364f20dbc2b251
x86_64
ansible-2.2.3.0-1.el7.noarch.rpm SHA-256: 9fe1329c586a25834627eecff63db5b2fec5fbe1305eff434b3155ee81cb957f
atomic-openshift-utils-3.2.56-1.git.0.b844ab7.el7.noarch.rpm SHA-256: 8ecc94b0d7f5c1f5168342d50f4f527f02c2a3f837c37bf12a29e2e5dbdf0418
openshift-ansible-3.2.56-1.git.0.b844ab7.el7.noarch.rpm SHA-256: 8f2aec6801d64fe8fc876d21d0177ce0ea5658b3c99d2b35d07f78c360c91136
openshift-ansible-docs-3.2.56-1.git.0.b844ab7.el7.noarch.rpm SHA-256: 7a10522f8a9594a992a78e135564467e05c89df1e1ad57deed17eac7ca40542f
openshift-ansible-filter-plugins-3.2.56-1.git.0.b844ab7.el7.noarch.rpm SHA-256: b7bd23002683bf1460fb2b42aa482ccf9b4a710722f49dd192f872c24b29db20
openshift-ansible-lookup-plugins-3.2.56-1.git.0.b844ab7.el7.noarch.rpm SHA-256: e081bab14c9cc0d953d9bdd0a5bd44bc0f52775bc4217d47b28e37ce1204ff57
openshift-ansible-playbooks-3.2.56-1.git.0.b844ab7.el7.noarch.rpm SHA-256: a190dd379356b7820f70b5a0fb1a8752891476153e836c0785ed8381ab749856
openshift-ansible-roles-3.2.56-1.git.0.b844ab7.el7.noarch.rpm SHA-256: 1b05ce41214453a0eb9a7fc0342f3bd49781a8ea7270ebe2ce6fd43dc631ff7f

Vulnerable software versions

Red Hat OpenShift Container Platform:


External links
http://access.redhat.com/errata/RHSA-2017:1244


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

