CVSS3: 5 Medium

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | HIGH |
Privileges Required | LOW |
User Interaction | REQUIRED |
Scope | CHANGED |
Confidentiality Impact | LOW |
Integrity Impact | LOW |
Availability Impact | LOW |

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

CVSS2: 3.7 Low

Metric | Value |
---|---|
Access Vector | LOCAL |
Access Complexity | HIGH |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |

Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P

Ansible is susceptible to privilege escalation. When it runs a module with become_user, a temporary directory is created for the become_user in /var/tmp using `umask 77 && mkdir -p`, without checking whether the parent directories already exist or what their permissions are. This allows a user on the node to escalate privileges to those of the become_user and to modify the permissions of files owned by the original SSH user on the node.
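
The failure mode described above, as an added shell example (not Ansible's code): `mkdir -p` under `umask 77` reports success on a path that already exists with loose permissions, while a hardened helper refuses it. The function names and sandbox paths are assumptions, and the hardened helper assumes the parent is a per-user directory that the caller should own.

```shell
#!/bin/sh
# Added example, not Ansible's code. Function names are hypothetical and all
# paths are constructed inside a private mktemp sandbox.

# Permission string of a directory, e.g. "drwx------".
dir_mode() {
    ls -ld "$1" | cut -c1-10
}

# Pattern from the advisory: exits 0 when the path already exists, and the
# umask never touches a directory that was created beforehand.
unsafe_mkdir() {
    ( umask 77 && mkdir -p "$1" )
}

# Hardened variant: require a private, caller-owned, non-symlink parent,
# create the leaf without -p so a pre-existing path is an error, then verify.
safe_mkdir() {
    parent=$(dirname "$1")
    [ -d "$parent" ] && [ ! -L "$parent" ] && [ -O "$parent" ] || return 1
    [ "$(dir_mode "$parent")" = "drwx------" ] || return 1
    ( umask 77 && mkdir "$1" ) 2>/dev/null || return 1
    [ -O "$1" ] && [ "$(dir_mode "$1")" = "drwx------" ] || return 1
}

demo() {
    sandbox=$(mktemp -d) || return 1
    # Constructed stand-in for a tree that was pre-created with loose
    # permissions (a different owner cannot be simulated without root).
    mkdir -p "$sandbox/user/tmp" && chmod 777 "$sandbox/user" "$sandbox/user/tmp"
    unsafe_mkdir "$sandbox/user/tmp" &&
        echo "unsafe: success, mode $(dir_mode "$sandbox/user/tmp")"
    safe_mkdir "$sandbox/user/tmp" || echo "safe: refused pre-existing path"
    # Fresh, private parent: the hardened helper now creates the leaf itself.
    chmod 700 "$sandbox/user" && rmdir "$sandbox/user/tmp"
    safe_mkdir "$sandbox/user/tmp" &&
        echo "safe: created, mode $(dir_mode "$sandbox/user/tmp")"
    rm -rf "$sandbox"
}
demo
```
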

CPE name | Operator | Version |
---|---|---|
ansible | le | 2.0.2.0 |
ansible | le | 2.8.8 |
ansible | le | 2.9.5 |
ansible:3.10 | eq | 2.8.8-r0 |
ansible:3.10 | eq | 2.8.9-r0 |
ansible:3.11 | eq | 2.9.3-r0 |
ansible | eq | 2.7.16-r0 |

bugzilla.redhat.com/show_bug.cgi?id=1801735
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733
github.com/ansible/ansible/issues/67791
lists.debian.org/debian-lts-announce/2020/05/msg00005.html
lists.fedoraproject.org/archives/list/[email protected]/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
lists.fedoraproject.org/archives/list/[email protected]/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
lists.fedoraproject.org/archives/list/[email protected]/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
security.gentoo.org/glsa/202006-11
www.debian.org/security/2021/dsa-4950