[Bugs] [Bug 13212] CVE-s found @ ansible 2.9.10
bugzilla
bugzilla at rosalinux.ru
Sun Apr 16 20:39:08 MSK 2023
https://bugzilla.rosalinux.ru/show_bug.cgi?id=13212
Yury <y.tumanov at rosalinux.ru> changed:
What |Removed |Added
----------------------------------------------------------------------------
Alias| |psycho, drake
--- Comment #1 from Yury <y.tumanov at rosalinux.ru> ---
CVE-2021-3652 A flaw was found in 389-ds-base. If an asterisk is imported as
password hashes, either accidentally or maliciously, then instead of being
inactive, any password will successfully match during authentication. This flaw
allows an attacker to successfully authenticate as a user whose password was
disabled.
https://nvd.nist.gov/vuln/detail/CVE-2021-3652 MEDIUM
CVE-2022-1949 An access control bypass vulnerability found in 389-ds-base.
That mishandling of the filter that would yield incorrect results, but as that
has progressed, can be determined that it actually is an access control bypass.
This may allow any remote unauthenticated user to issue a filter that allows
searching for database items they do not have access to, including but not
limited to potentially userPassword hashes and other sensitive data.
https://nvd.nist.gov/vuln/detail/CVE-2022-1949 HIGH
CVE-2020-1736 A flaw was found in Ansible Engine when a file is moved using
atomic_move primitive as the file mode cannot be specified. This sets the
destination files world-readable if the destination file does not exist and if
the file exists, the file could be changed to have less restrictive permissions
before the move. This could lead to the disclosure of sensitive data. All
versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.
https://nvd.nist.gov/vuln/detail/CVE-2020-1736 LOW
CVE-2020-1738 A flaw was found in Ansible Engine when the module package or
service is used and the parameter 'use' is not specified. If a previous task is
executed with a malicious user, the module sent can be selected by the attacker
using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches
are believed to be vulnerable.
https://nvd.nist.gov/vuln/detail/CVE-2020-1738 LOW
CVE-2020-1739 A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior,
and 2.9.5 and prior when a password is set with the argument "password" of svn
module, it is used on svn command line, disclosing to other users within the
same node. An attacker could take advantage by reading the cmdline file from
that particular PID on the procfs.
https://nvd.nist.gov/vuln/detail/CVE-2020-1739 LOW
CVE-2020-1740 A flaw was found in Ansible Engine when using Ansible Vault for
editing encrypted files. When a user executes "ansible-vault edit", another
user on the same computer can read the old and new secret, as it is created in
a temporary file with mkstemp and the returned file descriptor is closed and
the method write_data is called to write the existing secret in the file. This
method will delete the file before recreating it insecurely. All versions in
2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.
https://nvd.nist.gov/vuln/detail/CVE-2020-1740 MEDIUM
CVE-2021-20178 A flaw was found in ansible module where credentials are
disclosed in the console log by default and not protected by the security
feature when using the bitbucket_pipeline_variable module. This flaw allows an
attacker to steal bitbucket_pipeline credentials. The highest threat from this
vulnerability is to confidentiality.
https://nvd.nist.gov/vuln/detail/CVE-2021-20178 MEDIUM
CVE-2021-20180 A flaw was found in ansible module where credentials are
disclosed in the console log by default and not protected by the security
feature when using the bitbucket_pipeline_variable module. This flaw allows an
attacker to steal bitbucket_pipeline credentials. The highest threat from this
vulnerability is to confidentiality.
https://nvd.nist.gov/vuln/detail/CVE-2021-20180 MEDIUM
CVE-2021-20191 A flaw was found in ansible. Credentials, such as secrets, are
being disclosed in console log by default and not protected by no_log feature
when using those modules. An attacker can take advantage of this information to
steal those credentials. The highest threat from this vulnerability is to data
confidentiality. Versions before ansible 2.9.18 are affected.
https://nvd.nist.gov/vuln/detail/CVE-2021-20191 MEDIUM
CVE-2022-3697 A flaw was found in Ansible in the amazon.aws collection when
using the tower_callback parameter from the amazon.aws.ec2_instance module.
This flaw allows an attacker to take advantage of this issue as the module is
handling the parameter insecurely, leading to the password leaking in the logs.
https://nvd.nist.gov/vuln/detail/CVE-2022-3697 HIGH