Lucene search
RedhatCVELIST:CVE-2021-3701HistoryAug 23, 2022 - 3:50 p.m.
CVE-2021-3701
2022-08-2315:50:47
CWE-276
redhat
www.cve.org
1
A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate user in a place they did not expect. The highest threat from this vulnerability is to confidentiality and integrity.
CNA Affected
[
{
"product": "ansible-runner",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affects ansible-runner 2.0"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
osv
osv
CVE-2021-3701
2022-08-23 16:15:09
ansible-runner 2.0.0 default temporary files written to world R/W locations
2022-08-24 00:00:29
cve
cve
CVE-2021-3701
2022-08-23 16:15:09
nvd
nvd
CVE-2021-3701
2022-08-23 16:15:09
ubuntucve
ubuntucve
CVE-2021-3701
2022-08-23 00:00:00
redhatcve
redhatcve
CVE-2021-3701
2021-08-16 12:55:17
debiancve
debiancve
CVE-2021-3701
2022-08-23 16:15:09
github
github
ansible-runner 2.0.0 default temporary files written to world R/W locations
2022-08-24 00:00:29
