CVE-2020-10729: two random password lookups in same task return same value · Issue #34144 · ansible/ansible

A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the same value, because the template caching action for the same file means no re-evaluation happens. The highest threat from this vulnerability is that all passwords for the file are exposed at once. This flaw affects Ansible Engine versions before 2.9.6.


This issue is still happening for ansible 2.7.8

```yaml
- name: Generate random password for WordPress salts
  set_fact:
    wp_auth_key: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
    wp_secure_auth_key: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
    wp_logged_in_key: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
    wp_nonce_key: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
    wp_auth_salt: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
    wp_secure_auth_salt: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
    wp_logged_in_salt: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
    wp_nonce_salt: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
  when: scalingo_existing_wp_salt | length == 0
```

outputs

```
ok: [127.0.0.1] => {
    "ansible_facts": {
        "wp_auth_key": "%2,+)*%{+`~lV.;u6\\-=-2>X17<|w!5sJiOXJAwH)@<MteGQ<zZ~QRf4O$Z1&[/<",
        "wp_auth_salt": "%2,+)*%{+`~lV.;u6\\-=-2>X17<|w!5sJiOXJAwH)@<MteGQ<zZ~QRf4O$Z1&[/<",
        "wp_logged_in_key": "%2,+)*%{+`~lV.;u6\\-=-2>X17<|w!5sJiOXJAwH)@<MteGQ<zZ~QRf4O$Z1&[/<",
        "wp_logged_in_salt": "%2,+)*%{+`~lV.;u6\\-=-2>X17<|w!5sJiOXJAwH)@<MteGQ<zZ~QRf4O$Z1&[/<",
        "wp_nonce_key": "%2,+)*%{+`~lV.;u6\\-=-2>X17<|w!5sJiOXJAwH)@<MteGQ<zZ~QRf4O$Z1&[/<",
        "wp_nonce_salt": "%2,+)*%{+`~lV.;u6\\-=-2>X17<|w!5sJiOXJAwH)@<MteGQ<zZ~QRf4O$Z1&[/<",
        "wp_secure_auth_key": "%2,+)*%{+`~lV.;u6\\-=-2>X17<|w!5sJiOXJAwH)@<MteGQ<zZ~QRf4O$Z1&[/<",
        "wp_secure_auth_salt": "%2,+)*%{+`~lV.;u6\\-=-2>X17<|w!5sJiOXJAwH)@<MteGQ<zZ~QRf4O$Z1&[/<"
    },
    "changed": false
}
```

I tried also:

```yaml
- name: Generate random password for WordPress salts
  set_fact:
    wp_auth_key: "{{ random_password }}"
    wp_secure_auth_key: "{{ random_password }}"
    wp_logged_in_key: "{{ random_password }}"
    wp_nonce_key: "{{ random_password }}"
    wp_auth_salt: "{{ random_password }}"
    wp_secure_auth_salt: "{{ random_password }}"
    wp_logged_in_salt: "{{ random_password }}"
    wp_nonce_salt: "{{ random_password }}"
  vars:
    random_password: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits,punctuation') }}"
  when: scalingo_existing_wp_salt | length > 0
```

which gives the same password too.
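A defender's check for the pattern reported above, added here as an example (not code from the issue or from the Ansible project): it flags tasks that repeat a textually identical password lookup, and groups resulting facts that share one value, which also catches the `vars` variant. The playbook text, fact values and function names are constructed for illustration, and task detection is a simplified line scan rather than a YAML parse.

```python
import re
from collections import Counter, defaultdict

# One Jinja2 expression holding a password lookup, and the start of a named task.
LOOKUP_RE = re.compile(r"\{\{\s*lookup\(\s*['\"]password['\"]\s*,.*?\)\s*\}\}")
TASK_START_RE = re.compile(r"^\s*-\s+name:\s*(.*)$")

# Constructed sample inputs (not taken from a real playbook or run).
SAMPLE_PLAYBOOK = """\
- name: Set salts
  set_fact:
    key_a: "{{ lookup('password', '/dev/null length=64') }}"
    key_b: "{{ lookup('password', '/dev/null length=64') }}"
- name: Set one password
  set_fact:
    db_pass: "{{ lookup('password', '/dev/null length=32') }}"
"""
SAMPLE_FACTS = {"key_a": "constructed-1", "key_b": "constructed-1", "db_pass": "constructed-2"}

def repeated_password_lookups(playbook_text):
    """Return {task name: {expression: count}} for password lookups that
    occur more than once, textually identical, inside a single task."""
    findings, task, counts = {}, None, Counter()

    def flush():
        dupes = {expr: n for expr, n in counts.items() if n > 1}
        if task is not None and dupes:
            findings[task] = dupes

    for line in playbook_text.splitlines():
        start = TASK_START_RE.match(line)
        if start:  # a new task begins: report the previous one, reset counters
            flush()
            task, counts = start.group(1).strip(), Counter()
        for m in LOOKUP_RE.finditer(line):
            counts[re.sub(r"\s+", " ", m.group(0))] += 1
    flush()
    return findings

def shared_secret_values(facts):
    """Group fact names by value; a group of two or more means a collision."""
    by_value = defaultdict(list)
    for name, value in facts.items():
        by_value[value].append(name)
    return sorted(sorted(names) for names in by_value.values() if len(names) > 1)

if __name__ == "__main__":
    print(repeated_password_lookups(SAMPLE_PLAYBOOK))
    print(shared_secret_values(SAMPLE_FACTS))
```
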
