An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role; a symlink inside the role archive can then be used to overwrite a file outside of the extraction path.
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as “/abs/path” that can resolve to a location that is outside of that directory.
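As an added example (not Ansible's own code or its fix), this is the containment check an archive extractor needs before unpacking a role: a lexical audit of every tar member that rejects absolute names, parent-relative escapes, symlinks whose target leaves the extraction directory, and members that would be written through a symlink created earlier in the same archive. The in-memory archive, its member names and the destination path are constructed for the demonstration.

```python
import io
import os
import posixpath
import tarfile
def _inside(dest: str, path: str) -> bool:
    # lexical containment check (no filesystem access): does path normalize to somewhere under dest?
    return os.path.commonpath([os.path.abspath(dest), os.path.abspath(path)]) == os.path.abspath(dest)

def audit_role_archive(tar: tarfile.TarFile, dest: str) -> dict:
    """Map each member name to 'ok' or the reason it must not be extracted into dest."""
    verdicts, symlinks = {}, []  # symlinks: normalized paths of symlink members already accepted
    for m in tar.getmembers():
        name = posixpath.normpath(m.name)
        if posixpath.isabs(m.name) or name == ".." or name.startswith("../"):
            verdicts[m.name] = "absolute or parent-relative path"
        elif any(name == s or name.startswith(s + "/") for s in symlinks):
            # a member placed under a symlink created earlier in the same archive writes through it
            verdicts[m.name] = "path passes through an earlier symlink"
        elif m.issym():
            # a symlink target resolves relative to the directory that holds the link
            target = os.path.join(os.path.dirname(os.path.join(dest, name)), m.linkname)
            if posixpath.isabs(m.linkname) or not _inside(dest, target):
                verdicts[m.name] = "link target outside extraction directory"
            else:
                verdicts[m.name] = "ok"
                symlinks.append(name)
        else:
            verdicts[m.name] = "ok"
    return verdicts

def archive_is_safe(tar: tarfile.TarFile, dest: str) -> bool:
    """Reject the whole archive on any bad member rather than extracting it partially."""
    return all(v == "ok" for v in audit_role_archive(tar, dest).values())

def build_sample_archive() -> tarfile.TarFile:
    """Constructed in-memory role archive: one benign file plus the hostile member shapes."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tw:
        def add(name, typ=tarfile.REGTYPE, linkname="", data=b""):
            ti = tarfile.TarInfo(name)
            ti.type, ti.linkname, ti.size = typ, linkname, len(data)
            tw.addfile(ti, io.BytesIO(data) if data else None)
        add("role/tasks/main.yml", data=b"- debug: msg=hello\n")  # benign
        add("role/files/link", tarfile.SYMTYPE, "../tasks")        # in-tree symlink, accepted
        add("role/files/link/main.yml", data=b"x")                 # write through that symlink
        add("role/files/etc", tarfile.SYMTYPE, "/etc")             # symlink to an absolute path
        add("/etc/cron.d/evil", data=b"x")                         # absolute member name
        add("role/../../escape", data=b"x")                        # parent-relative escape
    return tarfile.open(fileobj=io.BytesIO(buf.getvalue()), mode="r")
```

Python's `tarfile` stores member names verbatim, so the absolute and parent-relative names survive the round trip and the audit sees exactly what a hostile archive would carry.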
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ansible_automation_platform | Redhat | 1.2 (including) | 1.2 (including) |
| Ansible_automation_platform | Redhat | 2.3 (including) | 2.3 (including) |
| Ansible_automation_platform | Redhat | 2.4 (including) | 2.4 (including) |
| Red Hat Ansible Automation Platform 2.3 for RHEL 8 | RedHat | ansible-core-0:2.14.11-1.el8ap | * |
| Red Hat Ansible Automation Platform 2.3 for RHEL 9 | RedHat | ansible-core-0:2.14.11-1.el9ap | * |
| Red Hat Ansible Automation Platform 2.4 for RHEL 8 | RedHat | ansible-core-0:2.15.5-1.el8ap | * |
| Red Hat Ansible Automation Platform 2.4 for RHEL 9 | RedHat | ansible-core-0:2.15.5-1.el9ap | * |
| Ansible | Ubuntu | bionic | * |
| Ansible | Ubuntu | lunar | * |
| Ansible | Ubuntu | mantic | * |
| Ansible | Ubuntu | trusty | * |
| Ansible | Ubuntu | trusty/esm | * |
| Ansible | Ubuntu | xenial | * |
| Ansible-core | Ubuntu | lunar | * |
| Ansible-core | Ubuntu | mantic | * |