Description
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.
CVSS breakdown
CVSS 3.0
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
Low
Availability
Low
Affected products
- Red Hat / Ansible2.9.x before 2.9.3 – 2.9.x before 2.9.3
- Red Hat / Ansible2.8.x before 2.8.8 – 2.8.x before 2.8.8
- Red Hat / Ansible2.7.x before 2.7.16 – 2.7.x before 2.7.16
- Red Hat / Ansible2.7.x and earlier – 2.7.x and earlier
References
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905
- VENDOR_ADVISORYhttps://access.redhat.com/errata/RHSA-2020:0218
- VENDOR_ADVISORYhttps://access.redhat.com/errata/RHSA-2020:0216
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BNCYPQ4BY5QHBCJOAOPANB5FHATW2BR/
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html