8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
ansible is vulnerable to command execution through a comprised remote system. A compromised remote system managed through ansible can lead to commands being executed on the ansible controller when the user is running the ansible or ansible-playbook command.
rhn.redhat.com/errata/RHSA-2017-0195.html
rhn.redhat.com/errata/RHSA-2017-0260.html
www.securityfocus.com/bid/95352
access.redhat.com/errata/RHSA-2017:0260
access.redhat.com/errata/RHSA-2017:0448
access.redhat.com/errata/RHSA-2017:0515
access.redhat.com/errata/RHSA-2017:1685
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1335080
bugzilla.redhat.com/show_bug.cgi?id=1340038
bugzilla.redhat.com/show_bug.cgi?id=1342519
bugzilla.redhat.com/show_bug.cgi?id=1342713
bugzilla.redhat.com/show_bug.cgi?id=1344603
bugzilla.redhat.com/show_bug.cgi?id=1346244
bugzilla.redhat.com/show_bug.cgi?id=1348881
bugzilla.redhat.com/show_bug.cgi?id=1349790
bugzilla.redhat.com/show_bug.cgi?id=1360461
bugzilla.redhat.com/show_bug.cgi?id=1360523
bugzilla.redhat.com/show_bug.cgi?id=1362570
bugzilla.redhat.com/show_bug.cgi?id=1366203
bugzilla.redhat.com/show_bug.cgi?id=1366306
bugzilla.redhat.com/show_bug.cgi?id=1380091
bugzilla.redhat.com/show_bug.cgi?id=1380098
bugzilla.redhat.com/show_bug.cgi?id=1380315
bugzilla.redhat.com/show_bug.cgi?id=1380689
bugzilla.redhat.com/show_bug.cgi?id=1387174
bugzilla.redhat.com/show_bug.cgi?id=1387545
bugzilla.redhat.com/show_bug.cgi?id=1390871
bugzilla.redhat.com/show_bug.cgi?id=1390872
bugzilla.redhat.com/show_bug.cgi?id=1393204
bugzilla.redhat.com/show_bug.cgi?id=1394636
bugzilla.redhat.com/show_bug.cgi?id=1396008
bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9587
security.gentoo.org/glsa/201701-77
www.exploit-db.com/exploits/41013/
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C