Oval Definition:oval:org.opensuse.security:def:20168628
Revision Date:2022-05-22Version:1
Title:CVE-2016-8628
Description:

Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-8628
openSUSE-SU-2017:2976-1
openSUSE-SU-2017:2978-1
SUSE-SU-2020:3309-1
Mitre CVE-2016-8628
SUSE CVE-2016-8628
SUSE-SU-2020:3309-1
openSUSE-SU-2017:2976-1
openSUSE-SU-2017:2978-1
Platform(s):openSUSE Leap 42.2
openSUSE Leap 42.3
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE Package Hub for SUSE Linux Enterprise 12
Product(s):
Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • ansible-2.4.1.0-2.4.1 is installed
  • AND ansible is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • ansible-2.4.1.0-6 is installed
  • AND ansible is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND ansible-2.4.1.0-6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ansible is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed
  • AND ansible-2.2.0.0-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND ansible-2.2.0.0-7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • AND
  • ansible-2.9.14-3.15.1 is installed
  • OR ardana-ansible-8.0+git.1596735237.54109b1-3.77.1 is installed
  • OR ardana-cinder-8.0+git.1596129856.263f430-3.43.1 is installed
  • OR ardana-glance-8.0+git.1593631779.76fa9b7-3.24.1 is installed
  • OR ardana-mq-8.0+git.1593618123.678c32b-3.26.1 is installed
  • OR ardana-nova-8.0+git.1601298847.dd01585-3.42.1 is installed
  • OR ardana-osconfig-8.0+git.1595885113.93abcbc-3.49.1 is installed
  • OR documentation-suse-openstack-cloud-installation-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-operations-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-opsconsole-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-planning-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-security-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-user-8.20201007-1.29.1 is installed
  • OR grafana-6.7.4-4.12.1 is installed
  • OR grafana-natel-discrete-panel-0.0.9-3.3.6 is installed
  • OR openstack-cinder-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-api-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-backup-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-doc-11.2.3~dev29-3.28.1 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-volume-11.2.3~dev29-3.28.2 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.15.1 is installed
  • OR openstack-neutron-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-doc-11.0.9~dev69-3.37.1 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-server-11.0.9~dev69-3.37.2 is installed
  • OR openstack-nova-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-cells-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-compute-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-conductor-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-console-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-doc-16.1.9~dev76-3.39.1 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-placement-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-scheduler-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev76-3.39.2 is installed
  • OR python-Django-1.11.29-3.19.2 is installed
  • OR python-Flask-Cors-3.0.3-3.3.1 is installed
  • OR python-Pillow-4.2.1-3.9.2 is installed
  • OR python-ardana-packager-0.0.3-7.7.2 is installed
  • OR python-cinder-11.2.3~dev29-3.28.2 is installed
  • OR python-keystoneclient-3.13.1-3.3.2 is installed
  • OR python-keystoneclient-doc-3.13.1-3.3.2 is installed
  • OR python-keystonemiddleware-4.17.1-5.3.1 is installed
  • OR python-kombu-4.1.0-3.7.1 is installed
  • OR python-neutron-11.0.9~dev69-3.37.2 is installed
  • OR python-nova-16.1.9~dev76-3.39.2 is installed
  • OR python-straight-plugin-1.5.0-1.3.1 is installed
  • OR python-urllib3-1.22-5.12.1 is installed
  • OR release-notes-suse-openstack-cloud-8.20200922-3.23.1 is installed
  • OR storm-1.2.3-3.6.1 is installed
  • OR storm-nimbus-1.2.3-3.6.1 is installed
  • OR storm-supervisor-1.2.3-3.6.1 is installed
  • OR venv-openstack-aodh-x86_64-5.1.1~dev7-12.28.1 is installed
  • OR venv-openstack-barbican-x86_64-5.0.2~dev3-12.29.1 is installed
  • OR venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.26.1 is installed
  • OR venv-openstack-cinder-x86_64-11.2.3~dev29-14.30.1 is installed
  • OR venv-openstack-designate-x86_64-5.0.3~dev7-12.27.1 is installed
  • OR venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.24.1 is installed
  • OR venv-openstack-glance-x86_64-15.0.3~dev3-12.27.1 is installed
  • OR venv-openstack-heat-x86_64-9.0.8~dev22-12.29.1 is installed
  • OR venv-openstack-horizon-x86_64-12.0.5~dev3-14.32.1 is installed
  • OR venv-openstack-ironic-x86_64-9.1.8~dev8-12.29.1 is installed
  • OR venv-openstack-keystone-x86_64-12.0.4~dev11-11.30.1 is installed
  • OR venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.28.1 is installed
  • OR venv-openstack-manila-x86_64-5.1.1~dev5-12.33.1 is installed
  • OR venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.24.1 is installed
  • OR venv-openstack-monasca-x86_64-2.2.2~dev1-11.24.1 is installed
  • OR venv-openstack-murano-x86_64-4.0.2~dev2-12.24.1 is installed
  • OR venv-openstack-neutron-x86_64-11.0.9~dev69-13.32.1 is installed
  • OR venv-openstack-nova-x86_64-16.1.9~dev76-11.30.1 is installed
  • OR venv-openstack-octavia-x86_64-1.0.6~dev3-12.29.1 is installed
  • OR venv-openstack-sahara-x86_64-7.0.5~dev4-11.28.1 is installed
  • OR venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.21.1 is installed
  • OR venv-openstack-trove-x86_64-8.0.2~dev2-11.28.1 is installed
  • OR ansible1 is affected
  • OR Package Information
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND
  • ansible-2.9.14-3.15.1 is installed
  • OR crowbar-core-5.0+git.1600432272.b3ad722f0-3.44.1 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1600432272.b3ad722f0-3.44.1 is installed
  • OR crowbar-openstack-5.0+git.1599037158.5c4d07480-4.43.1 is installed
  • OR documentation-suse-openstack-cloud-deployment-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20201007-1.29.1 is installed
  • OR grafana-6.7.4-4.12.1 is installed
  • OR grafana-natel-discrete-panel-0.0.9-3.3.6 is installed
  • OR openstack-cinder-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-api-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-backup-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-doc-11.2.3~dev29-3.28.1 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-volume-11.2.3~dev29-3.28.2 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.15.1 is installed
  • OR openstack-neutron-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-doc-11.0.9~dev69-3.37.1 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-server-11.0.9~dev69-3.37.2 is installed
  • OR openstack-nova-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-cells-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-compute-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-conductor-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-console-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-doc-16.1.9~dev76-3.39.1 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-placement-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-scheduler-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev76-3.39.2 is installed
  • OR python-Django-1.11.29-3.19.2 is installed
  • OR python-Pillow-4.2.1-3.9.2 is installed
  • OR python-cinder-11.2.3~dev29-3.28.2 is installed
  • OR python-keystoneclient-3.13.1-3.3.2 is installed
  • OR python-keystoneclient-doc-3.13.1-3.3.2 is installed
  • OR python-keystonemiddleware-4.17.1-5.3.1 is installed
  • OR python-kombu-4.1.0-3.7.1 is installed
  • OR python-neutron-11.0.9~dev69-3.37.2 is installed
  • OR python-nova-16.1.9~dev76-3.39.2 is installed
  • OR python-straight-plugin-1.5.0-1.3.1 is installed
  • OR python-urllib3-1.22-5.12.1 is installed
  • OR release-notes-suse-openstack-cloud-8.20200922-3.23.1 is installed
  • OR ruby2.1-rubygem-crowbar-client-3.9.3-1.1 is installed
  • OR storm-1.2.3-3.6.1 is installed
  • OR storm-nimbus-1.2.3-3.6.1 is installed
  • OR storm-supervisor-1.2.3-3.6.1 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND ansible-2.4.1.0-6.1 is installed
    • BACK