Ansible Engine/Ansible Tower Decryption /tmp elévation de privilèges

entréeeditHistoryDiffjsonxmlCTI

Une vulnérabilité qui a été classée problématique a été trouvée dans Ansible Engine et Ansible Tower. Ceci affecte une fonction inconnue du fichier /tmp du composant Decryption Handler. Mettre à jour élimine cette vulnérabilité.

Domaine12/05/2020 07:4816/10/2020 14:0516/10/2020 14:07
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcXXX
cvss3_nvd_basescore5.05.05.0
nameAnsible Engine/Ansible TowerAnsible Engine/Ansible TowerAnsible Engine/Ansible Tower
componentDecryption HandlerDecryption HandlerDecryption Handler
file/tmp/tmp/tmp
affectedlistAnsible Engine bis 2.7.16/2.8.10/2.9.6 Ansible Tower bis 3.4.5/3.5.5/3.6.3Ansible Engine bis 2.7.16/2.8.10/2.9.6 Ansible Tower bis 3.4.5/3.5.5/3.6.3Ansible Engine bis 2.7.16/2.8.10/2.9.6 Ansible Tower bis 3.4.5/3.5.5/3.6.3
risk111
cvss2_vuldb_basescore1.51.51.5
cvss2_vuldb_tempscore1.31.31.3
cvss2_vuldb_avLLL
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
cvss3_meta_basescore3.93.93.9
cvss3_meta_tempscore3.73.73.7
cvss3_vuldb_basescore2.82.82.8
cvss3_vuldb_tempscore2.72.72.7
cvss3_vuldb_avLLL
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
date1589155200 (11/05/2020)1589155200 (11/05/2020)1589155200 (11/05/2020)
locationBugzillaBugzillaBugzilla
typeBug ReportBug ReportBug Report
urlhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685
price_0day$0-$5k$0-$5k$0-$5k
nameUpgradeUpgradeUpgrade
cveCVE-2020-10685CVE-2020-10685CVE-2020-10685
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cwe377 (elévation de privilèges)377 (elévation de privilèges)377 (elévation de privilèges)
cvss3_nvd_avLLL
cvss3_nvd_acLLL
cvss3_nvd_prLLL
cvss3_nvd_uiRRR
cvss3_nvd_sUUU
cvss3_nvd_cHHH
cvss3_nvd_iNNN
cvss3_nvd_aNNN
cve_assigned158466240015846624001584662400
cve_nvd_summaryA flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.
confirm_urlhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685
cve_cnaRed Hat, Inc.

Interested in the pricing of exploits?

See the underground prices here!