CVE-2020-10684

Published: Mar 24, 2020Modified: Nov 21, 2024

7.1

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Exploitability: 1.8 / Impact: 5.2

Source: NVD

Description

A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.

Affected (12)

Products: Redhat: Ansible, Ansible Tower, Openstack · Debian: Debian Linux · Fedoraproject: Fedora

3 products

1 product

1 product

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Redhat Ansible	From 2.7.0 to 2.7.17
Redhat Ansible	From 2.8.0 to 2.8.9
Redhat Ansible	From 2.9.0 to 2.9.6
Redhat Ansible Tower	Up to 3.3.5
Redhat Ansible Tower	From 3.5.0 to 3.5.5
Redhat Ansible Tower	From 3.6.0 to 3.6.3
Redhat Openstack	Version 10
Redhat Openstack	Version 13

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 30
Fedoraproject Fedora	Version 31
Fedoraproject Fedora	Version 32

Related CWEs

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (12)

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10684

Source: secalert@redhat.com

Issue TrackingVendor Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/

Source: secalert@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/

Source: secalert@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/

Source: secalert@redhat.com

https://security.gentoo.org/glsa/202006-11

Source: secalert@redhat.com

Third Party Advisory

https://www.debian.org/security/2021/dsa-4950

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10684

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/202006-11

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.debian.org/security/2021/dsa-4950

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.