CVE-2019-14905

Current Description

A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, and 2.7.x before 2.7.16 and earlier. Ansible's nxos_file_copy module can be used to copy files to flash or bootflash on NXOS devices; a crafted filename parameter could be used to perform OS command injection. This could result in a loss of confidentiality of the system, among other issues.

Basic Data

Published: March 31, 2020
Last Modified: April 16, 2020
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-610
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 4.6
Severity: MEDIUM
Exploitability Score: 3.9
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    CPE Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Excluding
    2.3 | Application | Redhat | Ansible Engine | * | * | * | * | * | * | * | * | 2.7.0 | 2.7.16
    2.3 | Application | Redhat | Ansible Engine | * | * | * | * | * | * | * | * | 2.8.0 | 2.8.8
    2.3 | Application | Redhat | Ansible Engine | * | * | * | * | * | * | * | * | 2.9.0 | 2.9.3
  • OR - Configuration 2
    CPE Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    2.3 | Application | Redhat | Ansible Tower | 3.0.0 | * | * | * | * | * | * | *
    2.3 | Application | Redhat | Ceph Storage | 3.0 | * | * | * | * | * | * | *
    2.3 | Application | Redhat | Cloudforms Management Engine | 5.0 | * | * | * | * | * | * | *
    2.3 | Application | Redhat | Openstack | 13.0 | * | * | * | * | * | * | *
  • OR - Configuration 3
    CPE Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    2.3 | OS | Fedoraproject | Fedora | 30 | * | * | * | * | * | * | *

Vulnerable Software List

Vendor | Product | Versions
Redhat | Ansible Tower | 3.0.0
Redhat | Ceph Storage | 3.0
Redhat | Openstack | 13.0
Redhat | Cloudforms Management Engine | 5.0
Redhat | Ansible Engine | *
Fedoraproject | Fedora | 30

References

Name | Source | URL | Tags
openSUSE-SU-2020:0513 | SUSE | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html |
openSUSE-SU-2020:0523 | SUSE | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html |
RHSA-2020:0216 | REDHAT | https://access.redhat.com/errata/RHSA-2020:0216 | Patch, Vendor Advisory
RHSA-2020:0218 | REDHAT | https://access.redhat.com/errata/RHSA-2020:0218 | Patch, Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905 | CONFIRM | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14905 | Issue Tracking, Patch, Vendor Advisory
FEDORA-2020-2bed89517f | FEDORA | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BNCY | Mailing List, Patch, Release Notes, Third Party Advisory