#VU12839 Command injection in Ansible Tower - CVE-2018-1104

Cybersecurity Help s.r.o.

Published: 2018-05-18

Vulnerability identifier: #VU12839

Vulnerability risk: High

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber]

CVE-ID: CVE-2018-1104

CWE-ID: CWE-77

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Ansible Tower
Web applications / Remote management & hosting panels

Vendor: Red Hat Inc.

Description
The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in user-provided extra_vars due to command injection via Jinja2 variables. A remote attacker can execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Update to version 3.2.4.

Vulnerable software versions

Ansible Tower: 3.2.0 - 3.2.3

External links
https://www.ansible.com/security

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Red Hat CloudForms

Red Hat update for cloudforms