Lucene search
PRIOn knowledge basePRION:CVE-2020-1738HistoryMar 16, 2020 - 4:15 p.m.
Design/Logic Flaw
2020-03-1616:15:00
PRIOn knowledge base
www.prio-n.com
9
A flaw was found in Ansible Engine when the module package or service is used and the parameter ‘use’ is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ansible | ge | 2.9.0 | |
| ansible | le | 2.9.5 | |
| ansible | le | 2.7.16 | |
| ansible | ge | 2.8.0 | |
| ansible | le | 2.8.8 | |
| ansible_tower | le | 3.3.4 | |
| ansible_tower | ge | 3.6.0 | |
| ansible_tower | le | 3.6.3 | |
| ansible_tower | ge | 3.5.0 | |
| ansible_tower | le | 3.5.5 |
Related
redhatcve
redhatcve
CVE-2020-1738
2020-02-18 14:30:17
osv
osv
PYSEC-2020-10
2020-03-16 16:15:00
CVE-2020-1738
2020-03-16 16:15:14
Argument Injection in Ansible
2022-02-09 22:00:04
nvd
nvd
CVE-2020-1738
2020-03-16 16:15:14
cve
cve
CVE-2020-1738
2020-03-16 16:15:14
ubuntucve
ubuntucve
CVE-2020-1738
2020-03-16 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-02-28 05:00:46
github
github
Argument Injection in Ansible
2022-02-09 22:00:04
debiancve
debiancve
CVE-2020-1738
2020-03-16 16:15:14
cvelist
cvelist
CVE-2020-1738
2020-03-16 15:08:03
nessus
nessus
Photon OS 2.0: Ansible PHSA-2020-2.0-0226
2020-04-10 00:00:00
Photon OS 3.0: Ansible PHSA-2020-3.0-0078
2020-04-21 00:00:00
GLSA-202006-11 : Ansible: Multiple vulnerabilities
2020-06-17 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0226
2020-04-07 00:00:00
Important Photon OS Security Update - PHSA-2020-0226
2020-04-07 00:00:00
Important Photon OS Security Update - PHSA-2020-0078
2020-04-08 00:00:00
gentoo
gentoo
Ansible: Multiple vulnerabilities
2020-06-13 00:00:00
suse
suse
Security update for ansible (important)
2022-03-16 00:00:00