Oval Definition:oval:org.opensuse.security:def:201810875
Revision Date:2022-06-30Version:1
Title:CVE-2018-10875
Description:

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-10875
SUSE-SU-2018:4130-1
openSUSE-SU-2019:0238-1
openSUSE-SU-2019:1125-1
SUSE-SU-2020:3309-1
Mitre CVE-2018-10875
SUSE CVE-2018-10875
SUSE-SU-2018:4130-1
SUSE-SU-2020:3309-1
openSUSE-SU-2019:0238-1
openSUSE-SU-2019:1125-1
openSUSE-SU-2022:0081-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.3
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE Package Hub for SUSE Linux Enterprise 12
SUSE Package Hub for SUSE Linux Enterprise 15
Product(s):
Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • AND
  • ansible-2.9.14-3.15.1 is installed
  • OR ardana-ansible-8.0+git.1596735237.54109b1-3.77.1 is installed
  • OR ardana-cinder-8.0+git.1596129856.263f430-3.43.1 is installed
  • OR ardana-glance-8.0+git.1593631779.76fa9b7-3.24.1 is installed
  • OR ardana-mq-8.0+git.1593618123.678c32b-3.26.1 is installed
  • OR ardana-nova-8.0+git.1601298847.dd01585-3.42.1 is installed
  • OR ardana-osconfig-8.0+git.1595885113.93abcbc-3.49.1 is installed
  • OR documentation-suse-openstack-cloud-installation-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-operations-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-opsconsole-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-planning-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-security-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-user-8.20201007-1.29.1 is installed
  • OR grafana-6.7.4-4.12.1 is installed
  • OR grafana-natel-discrete-panel-0.0.9-3.3.6 is installed
  • OR openstack-cinder-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-api-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-backup-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-doc-11.2.3~dev29-3.28.1 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-volume-11.2.3~dev29-3.28.2 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.15.1 is installed
  • OR openstack-neutron-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-doc-11.0.9~dev69-3.37.1 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-server-11.0.9~dev69-3.37.2 is installed
  • OR openstack-nova-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-cells-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-compute-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-conductor-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-console-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-doc-16.1.9~dev76-3.39.1 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-placement-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-scheduler-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev76-3.39.2 is installed
  • OR python-Django-1.11.29-3.19.2 is installed
  • OR python-Flask-Cors-3.0.3-3.3.1 is installed
  • OR python-Pillow-4.2.1-3.9.2 is installed
  • OR python-ardana-packager-0.0.3-7.7.2 is installed
  • OR python-cinder-11.2.3~dev29-3.28.2 is installed
  • OR python-keystoneclient-3.13.1-3.3.2 is installed
  • OR python-keystoneclient-doc-3.13.1-3.3.2 is installed
  • OR python-keystonemiddleware-4.17.1-5.3.1 is installed
  • OR python-kombu-4.1.0-3.7.1 is installed
  • OR python-neutron-11.0.9~dev69-3.37.2 is installed
  • OR python-nova-16.1.9~dev76-3.39.2 is installed
  • OR python-straight-plugin-1.5.0-1.3.1 is installed
  • OR python-urllib3-1.22-5.12.1 is installed
  • OR release-notes-suse-openstack-cloud-8.20200922-3.23.1 is installed
  • OR storm-1.2.3-3.6.1 is installed
  • OR storm-nimbus-1.2.3-3.6.1 is installed
  • OR storm-supervisor-1.2.3-3.6.1 is installed
  • OR venv-openstack-aodh-x86_64-5.1.1~dev7-12.28.1 is installed
  • OR venv-openstack-barbican-x86_64-5.0.2~dev3-12.29.1 is installed
  • OR venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.26.1 is installed
  • OR venv-openstack-cinder-x86_64-11.2.3~dev29-14.30.1 is installed
  • OR venv-openstack-designate-x86_64-5.0.3~dev7-12.27.1 is installed
  • OR venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.24.1 is installed
  • OR venv-openstack-glance-x86_64-15.0.3~dev3-12.27.1 is installed
  • OR venv-openstack-heat-x86_64-9.0.8~dev22-12.29.1 is installed
  • OR venv-openstack-horizon-x86_64-12.0.5~dev3-14.32.1 is installed
  • OR venv-openstack-ironic-x86_64-9.1.8~dev8-12.29.1 is installed
  • OR venv-openstack-keystone-x86_64-12.0.4~dev11-11.30.1 is installed
  • OR venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.28.1 is installed
  • OR venv-openstack-manila-x86_64-5.1.1~dev5-12.33.1 is installed
  • OR venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.24.1 is installed
  • OR venv-openstack-monasca-x86_64-2.2.2~dev1-11.24.1 is installed
  • OR venv-openstack-murano-x86_64-4.0.2~dev2-12.24.1 is installed
  • OR venv-openstack-neutron-x86_64-11.0.9~dev69-13.32.1 is installed
  • OR venv-openstack-nova-x86_64-16.1.9~dev76-11.30.1 is installed
  • OR venv-openstack-octavia-x86_64-1.0.6~dev3-12.29.1 is installed
  • OR venv-openstack-sahara-x86_64-7.0.5~dev4-11.28.1 is installed
  • OR venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.21.1 is installed
  • OR venv-openstack-trove-x86_64-8.0.2~dev2-11.28.1 is installed
  • OR ansible1 is affected
  • OR Package Information
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND
  • ansible-2.9.14-3.15.1 is installed
  • OR crowbar-core-5.0+git.1600432272.b3ad722f0-3.44.1 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1600432272.b3ad722f0-3.44.1 is installed
  • OR crowbar-openstack-5.0+git.1599037158.5c4d07480-4.43.1 is installed
  • OR documentation-suse-openstack-cloud-deployment-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20201007-1.29.1 is installed
  • OR grafana-6.7.4-4.12.1 is installed
  • OR grafana-natel-discrete-panel-0.0.9-3.3.6 is installed
  • OR openstack-cinder-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-api-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-backup-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-doc-11.2.3~dev29-3.28.1 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-volume-11.2.3~dev29-3.28.2 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.15.1 is installed
  • OR openstack-neutron-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-doc-11.0.9~dev69-3.37.1 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-server-11.0.9~dev69-3.37.2 is installed
  • OR openstack-nova-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-cells-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-compute-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-conductor-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-console-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-doc-16.1.9~dev76-3.39.1 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-placement-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-scheduler-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev76-3.39.2 is installed
  • OR python-Django-1.11.29-3.19.2 is installed
  • OR python-Pillow-4.2.1-3.9.2 is installed
  • OR python-cinder-11.2.3~dev29-3.28.2 is installed
  • OR python-keystoneclient-3.13.1-3.3.2 is installed
  • OR python-keystoneclient-doc-3.13.1-3.3.2 is installed
  • OR python-keystonemiddleware-4.17.1-5.3.1 is installed
  • OR python-kombu-4.1.0-3.7.1 is installed
  • OR python-neutron-11.0.9~dev69-3.37.2 is installed
  • OR python-nova-16.1.9~dev76-3.39.2 is installed
  • OR python-straight-plugin-1.5.0-1.3.1 is installed
  • OR python-urllib3-1.22-5.12.1 is installed
  • OR release-notes-suse-openstack-cloud-8.20200922-3.23.1 is installed
  • OR ruby2.1-rubygem-crowbar-client-3.9.3-1.1 is installed
  • OR storm-1.2.3-3.6.1 is installed
  • OR storm-nimbus-1.2.3-3.6.1 is installed
  • OR storm-supervisor-1.2.3-3.6.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • ansible-2.7.8-lp150.2.3 is installed
  • AND ansible is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND ansible-2.7.8-bp150.3.6 is installed
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • ansible-2.7.8-9 is installed
  • AND ansible is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND ansible-2.7.8-9 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed
  • AND Package Information
  • ansible-2.9.9-11.8 is installed
  • OR python-coverage-3.6-0.11.2 is installed
  • OR python-passlib-1.6.1-0.3.2 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • ansible-2.9.24-1.2 is installed
  • OR ansible-doc-2.9.24-1.2 is installed
  • OR ansible-test-2.9.24-1.2 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND ansible-2.7.8-9.1 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND ansible-2.7.8-bp150.3.6.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND Package Information
  • ansible-2.9.9-11.8.1 is installed
  • OR python-coverage-3.6-0.11.2.1 is installed
  • OR python-passlib-1.6.1-0.3.2.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • ansible-2.9.21-bp153.2.3.1 is installed
  • AND ansible is signed with openSUSE key
  • OR
  • ansible-doc-2.9.21-bp153.2.3.1 is installed
  • AND ansible-doc is signed with openSUSE key
  • OR
  • ansible-test-2.9.21-bp153.2.3.1 is installed
  • AND ansible-test is signed with openSUSE key
    • BACK