#VU7411 Improper input validation in Ansible - CVE-2016-8647

Cybersecurity Help s.r.o.

Published: 2017-07-11

Vulnerability identifier: #VU7411

Vulnerability risk: Low

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-8647

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Ansible
Server applications / Remote management servers, RDP, SSH

Vendor: Red Hat Inc.

Description
The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.

The weakness exists due to input validation error in Ansible's mysql_user module that may lead to incorrect password changing. An adjacent attacker can use the previous password and bypass security restrictions.

Successful exploitation of the vulnerability may result in access to the system.

Mitigation
Update to version 2.3.0.

Vulnerable software versions

Ansible: 2.0.0 - 2.0.2, 2.1.0 - 2.1.6, 2.2.0 - 2.2.3

External links
http://github.com/ansible/ansible-modules-core/pull/5388
http://rhn.redhat.com/errata/RHSA-2017-1685.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for SUSE Manager Client Tools

SUSE update for Security Beta update for SUSE Manager Client Tools and Salt

Multiple vulnerabilities in Red Hat Ansible