CVE-2020-1734 Information

Description

A flaw was found in the pipe lookup plugin of Ansible. The plugin calls subprocess.Popen() with shell=True, so arbitrary commands can be run when a variable passed to it is not escaped by the quote plugin and its value can be changed by overwriting Ansible facts. An attacker could take advantage of this and run arbitrary commands by overwriting the Ansible facts.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734
https://github.com/ansible/ansible/issues/67792

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

Base Score

7.4

Base Severity

HIGH
