CVE-2020-1737

Current Description

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module, because the extracted file(s) are not checked to confirm they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive whose entries use path traversal to write files anywhere in the file system. This issue is fixed in 2.10.

Basic Data

Published: March 09, 2020
Last Modified: June 13, 2020
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-22
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 4.6
Severity: MEDIUM
Exploitability Score: 3.9
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    CPE Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | Application | Redhat | Ansible Engine | * | * | * | * | * | * | * | * | - | 2.7.17 | - | -
    2.3 | Application | Redhat | Ansible Engine | * | * | * | * | * | * | * | * | 2.8.0 | 2.8.9 | - | -
    2.3 | Application | Redhat | Ansible Engine | * | * | * | * | * | * | * | * | 2.9.0 | 2.9.6 | - | -
    2.3 | Application | Redhat | Ansible Tower | * | * | * | * | * | * | * | * | - | 3.3.4 | - | -
    2.3 | Application | Redhat | Ansible Tower | * | * | * | * | * | * | * | * | 3.4.0 | 3.4.5 | - | -
    2.3 | Application | Redhat | Ansible Tower | * | * | * | * | * | * | * | * | 3.5.0 | 3.5.5 | - | -
    2.3 | Application | Redhat | Ansible Tower | * | * | * | * | * | * | * | * | 3.6.0 | 3.6.3 | - | -

Vulnerable Software List

Vendor | Product | Versions
Redhat | Ansible Tower | *
Redhat | Ansible Engine | *

References

Name | Source | URL | Tags
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737 | CONFIRM | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737 | Issue Tracking, Vendor Advisory
https://github.com/ansible/ansible/issues/67795 | MISC | https://github.com/ansible/ansible/issues/67795 | Third Party Advisory
FEDORA-2020-a3f12bcff4 | FEDORA | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3 | -
FEDORA-2020-0cab7041f7 | FEDORA | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K | -
FEDORA-2020-87f5e1e829 | FEDORA | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV | -
GLSA-202006-11 | GENTOO | https://security.gentoo.org/glsa/202006-11 | -