#VU7411 Improper input validation in Ansible
Vulnerability identifier: #VU7411
Vulnerability risk: Low
CVSSv3.1: 2 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Ansible
Server applications /
Remote management servers, RDP, SSH
Vendor: Red Hat Inc.
Description
The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.
The weakness exists due to input validation error in Ansible's mysql_user module that may lead to incorrect password changing. An adjacent attacker can use the previous password and bypass security restrictions.
Successful exploitation of the vulnerability may result in access to the system.
Mitigation
Update to version 2.3.0.
Vulnerable software versions
Ansible: 2.0.0 - 2.0.2, 2.1.0 - 2.1.6, 2.2.0 - 2.2.3
External links
http://github.com/ansible/ansible-modules-core/pull/5388
http://rhn.redhat.com/errata/RHSA-2017-1685.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
