Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:L/AC:M/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Redhat
  • Ansible
  • Ansible Engine
  • Openstack

Configuration 1 [-]

OR cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Ansible Engine 2.5 for RHEL 7
ansible-0:2.5.15-1.el7ae cpe:/a:redhat:ansible_engine:2.5::el7 RHSA-2019:0432 2019-02-28T00:00:00Z
Red Hat Ansible Engine 2.6 for RHEL 7
ansible-0:2.6.14-1.el7ae cpe:/a:redhat:ansible_engine:2.6::el7 RHSA-2019:0433 2019-02-28T00:00:00Z
Red Hat Ansible Engine 2.7 for RHEL 7
ansible-0:2.7.8-1.el7ae cpe:/a:redhat:ansible_engine:2.7::el7 RHSA-2019:0431 2019-02-28T00:00:00Z
Red Hat Ansible Engine 2 for RHEL 7
ansible-0:2.7.8-1.el7ae cpe:/a:redhat:ansible_engine:2::el7 RHSA-2019:0430 2019-02-28T00:00:00Z
Red Hat OpenStack Platform 13.0 (Queens)
ansible-0:2.6.19-1.el7ae cpe:/a:redhat:openstack:13::el7 RHSA-2019:3789 2019-11-07T00:00:00Z
Red Hat OpenStack Platform 14.0 (Rocky)
ansible-0:2.6.19-1.el7ae cpe:/a:redhat:openstack:14::el7 RHSA-2019:3744 2019-11-06T00:00:00Z
References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html cve-icon cve-icon
http://packetstormsecurity.com/files/172837/Ansible-Fetch-Path-Traversal.html cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3744 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3789 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3828 cve-icon cve-icon
https://github.com/ansible/ansible/pull/52133 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2019-3828 cve-icon
https://usn.ubuntu.com/4072-1/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2019-3828 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2019-03-27T00:00:00

Updated: 2024-08-04T19:19:18.580Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3828

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-03-27T13:29:01.617

Modified: 2023-06-12T07:15:12.497

Link: CVE-2019-3828

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-02-12T00:00:00Z

Links: CVE-2019-3828 - Bugzilla