CVE-2018-10874

Impact:
Moderate
Public Date:
2018-06-29
CWE:
CWE-426
Bugzilla:
1596528: CVE-2018-10874 ansible: Inventory variables are loaded from current working directory when running ad-hoc command that can lead to code execution

The MITRE CVE dictionary describes this issue as:

In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.

Find out more about CVE-2018-10874 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 7.8
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Impact High
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Ansible Engine 2.6 for RHEL 7 (ansible) RHSA-2018:2166 2018-07-10
Red Hat Ansible Engine 2.5 for RHEL 7 (ansible) RHSA-2018:2150 2018-07-10
Red Hat OpenStack Platform 10 (ansible) RHSA-2019:0054 2019-01-16
Red Hat Ansible Engine 2 for RHEL 7 (ansible) RHSA-2018:2151 2018-07-10
Red Hat OpenStack Platform 12.0 (ansible) RHBA-2018:3788 2018-12-05
Red Hat Ansible Engine 2.4 for RHEL 7 Server (ansible) RHSA-2018:2152 2018-07-10
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts RHSA-2018:2321 2018-07-31
Red Hat OpenStack Platform 13.0 (Queens) (ansible) RHSA-2018:2585 2018-08-29

Affected Packages State

Platform Package State
Red Hat Satellite 6 ansible Not affected
Red Hat OpenStack Platform 14.0 (Rocky) ansible Not affected
Red Hat OpenShift Enterprise 3 ansible Affected
Red Hat Gluster Storage 3 ansible Affected
Red Hat Ceph Storage 3 ansible Affected
Red Hat Ceph Storage 2 ansible Affected

Acknowledgements

Red Hat would like to thank Michael Scherer (OSAS) for reporting this issue.
Last Modified

CVE description copyright © 2017, The MITRE Corporation