Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-1739: svn module leaks password when specified as a parameter

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument “password” of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.

CVE
#ubuntu#red_hat

Description Borja Tarraso 2020-02-12 14:22:03 UTC

When a password is set with the argument “password” of svn module, it is used on svn command line, disclosing to other users within the same node.

Comment 2 Borja Tarraso 2020-02-17 12:57:17 UTC

Acknowledgments:

Name: Damien Aumaitre (Quarkslab), Nicolas Surbayrole (Quarkslab)

Comment 4 Salvatore Bonaccorso 2020-02-19 07:16:28 UTC

Is there are related upstream issue?

Comment 5 Borja Tarraso 2020-02-20 16:40:51 UTC

Created ansible tracking bugs for this issue:

Affects: epel-all [bug 1805322] Affects: fedora-all [bug 1805321]

Comment 6 Borja Tarraso 2020-02-20 17:01:40 UTC

Hey Salvatore, I am working to provide additional information regarding this issue; more details as you requested, affected versions as well as upstream links in case we already have. Prioritising this for now, I will get back to you asap.

In reply to comment #4: > Is there are related upstream issue?

Comment 9 Yadnyawalk Tale 2020-02-20 22:45:06 UTC

Red Hat CloudForms Management Engine 5.9 is in maintenance phase and we’re no longer fixing “Low” severity CVEs.

Comment 12 Borja Tarraso 2020-02-25 14:58:46 UTC

Mitigation:

Instead of using the parameter ‘password’ of the subversion module, provide the password with stdin.

Comment 15 Borja Tarraso 2020-02-27 12:19:34 UTC

Created ansible tracking bugs for this issue:

Affects: openstack-rdo [bug 1807879]

Comment 16 Hardik Vyas 2020-03-18 16:24:35 UTC

Red Hat Gluster Storage and Red Hat Ceph Storage no longer maintains its own version of Ansible. The fix will be provided from core Ansible. But we still ship ansible separately for ceph ubuntu.

Comment 24 Yadnyawalk Tale 2020-05-11 09:46:42 UTC

CloudForms 5.11 do not use ansible-tower and 5.10 only using ansible-tower-venv-ansible atm.

Comment 25 Summer Long 2021-01-14 05:02:30 UTC

Statement:

Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.

Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.

In Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907