Vulnerability CVE-2016-8628

Vulnerability Name:

CVE-2016-8628 (CCN-118974)

Assigned:

2016-11-15

Published:

2016-11-15

Updated:

2019-10-09

Summary:

Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.

CVSS v3 Severity:

9.1 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
7.9 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): High User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-77

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-8628

Source: CCN
Type: RHSA-2016-2778
Moderate: atomic-openshift-utils security and bug fix update

Source: BID
Type: Third Party Advisory, VDB Entry
94109

Source: CCN
Type: BID-94109
Ansible CVE-2016-8628 Remote Command Injection Vulnerability

Source: REDHAT
Type: Third Party Advisory
RHSA-2016:2778

Source: CCN
Type: Red Hat Bugzilla
(CVE-2016-8628) CVE-2016-8628 ansible: Command injection by compromised server via fact variables

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8628

Source: XF
Type: UNKNOWN
ansible-cve20168628-command-exec(118974)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-8628

Vulnerable Configuration:

Configuration 1:

cpe:/a:redhat:ansible:*:*:*:*:*:*:*:* (Version < 2.2.0)

Configuration CCN 1:

cpe:/a:redhat:ansible:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20168628	V	CVE-2016-8628	2022-05-22
oval:org.opensuse.security:def:34008	P	Security update for openssh (Important)	2021-12-02
oval:org.opensuse.security:def:33744	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:60340	P	Security update for openssl-1_1 (Important)	2021-08-24
oval:org.opensuse.security:def:33959	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:33901	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:30067	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:29348	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:34047	P	Security update for tomcat (Important)	2021-03-30
oval:org.opensuse.security:def:29479	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:59856	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:60456	P	Security update for tomcat (Moderate)	2021-02-19
oval:org.opensuse.security:def:30023	P	Security update for wpa_supplicant (Important)	2021-02-15
oval:org.opensuse.security:def:60300	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:33656	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:30004	P	Security update for flac (Moderate)	2021-01-04
oval:org.opensuse.security:def:29965	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:61058	P	Security update for openexr (Moderate)	2020-12-23
oval:org.opensuse.security:def:29566	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:33287	P	x3270 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60552	P	sysvinit-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29265	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:29916	P	Security update for libcroco (Moderate)	2020-12-01
oval:org.opensuse.security:def:60790	P	Security update for ansible, ardana-ansible, ardana-cinder, ardana-glance, ardana-mq, ardana-nova, ardana-osconfig, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, grafana-natel-discrete-panel, openstack-cinder, openstack-monasca-installer, openstack-neutron, openstack-nova, python-Django, python-Flask-Cors, python-Pillow, python-ardana-packager, python-keystoneclient, python-keystonemiddleware, python-kombu, python-straight-plugin, python-urllib3, release-notes-suse-openstack-cloud, storm, storm-kit, venv-openstack-cinder, venv-openstack-swift (Important)	2020-12-01
oval:org.opensuse.security:def:60041	P	Security update for bash (Important)	2020-12-01
oval:org.opensuse.security:def:26315	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:25244	P	Security update for log4j (Important)	2020-12-01
oval:org.opensuse.security:def:60937	P	Security update for galera-3, mariadb, mariadb-connector-c (Important)	2020-12-01
oval:org.opensuse.security:def:33276	P	unixODBC_23 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60718	P	Security update for python3-requests (Moderate)	2020-12-01
oval:org.opensuse.security:def:30742	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:29708	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:60761	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25187	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25633	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:60815	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:24904	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:25531	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:34754	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:25106	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:60634	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:29277	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:26350	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:25328	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:61028	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:33599	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34072	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:24979	P	Security update for polkit (Moderate)	2020-12-01
oval:org.opensuse.security:def:33275	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29861	P	Security update for Linux Kernel	2020-12-01
oval:org.opensuse.security:def:60711	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25677	P	Security update for raptor (Important)	2020-12-01
oval:org.opensuse.security:def:33503	P	Security update for nagios	2020-12-01
oval:org.opensuse.security:def:60899	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:24915	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:60600	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:34794	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:30705	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29623	P	Security update for bsdtar (Moderate)	2020-12-01
oval:org.opensuse.security:def:60672	P	Security update for python-PyKMIP (Moderate)	2020-12-01
oval:org.opensuse.security:def:33368	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:25619	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:29266	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25478	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:60978	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:60111	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:34116	P	Security update for nautilus (Low)	2020-12-01
oval:org.opensuse.security:def:84056	P	Security update for ansible, ardana-ansible, ardana-cinder, ardana-glance, ardana-mq, ardana-nova, ardana-osconfig, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, grafana-natel-discrete-panel, openstack-cinder, openstack-monasca-installer, openstack-neutron, openstack-nova, python-Django, python-Flask-Cors, python-Pillow, python-ardana-packager, python-keystoneclient, python-keystonemiddleware, python-kombu, python-straight-plugin, python-urllib3, release-notes-suse-openstack-cloud, storm, storm-kit, venv-openstack-cinder, venv-openstack-swift (Important)	2020-11-12
oval:org.opensuse.security:def:84511	P	Security update for ansible, ardana-ansible, ardana-cinder, ardana-glance, ardana-mq, ardana-nova, ardana-osconfig, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, grafana-natel-discrete-panel, openstack-cinder, openstack-monasca-installer, openstack-neutron, openstack-nova, python-Django, python-Flask-Cors, python-Pillow, python-ardana-packager, python-keystoneclient, python-keystonemiddleware, python-kombu, python-straight-plugin, python-urllib3, release-notes-suse-openstack-cloud, storm, storm-kit, venv-openstack-cinder, venv-openstack-swift (Important)	2020-11-12
oval:com.ubuntu.bionic:def:20168628000	V	CVE-2016-8628 on Ubuntu 18.04 LTS (bionic) - medium.	2018-07-31
oval:com.ubuntu.bionic:def:201686280000000	V	CVE-2016-8628 on Ubuntu 18.04 LTS (bionic) - medium.	2018-07-31
oval:com.ubuntu.trusty:def:20168628000	V	CVE-2016-8628 on Ubuntu 14.04 LTS (trusty) - medium.	2018-07-31
oval:com.ubuntu.xenial:def:201686280000000	V	CVE-2016-8628 on Ubuntu 16.04 LTS (xenial) - medium.	2018-07-31
oval:com.ubuntu.xenial:def:20168628000	V	CVE-2016-8628 on Ubuntu 16.04 LTS (xenial) - medium.	2018-07-31
oval:com.ubuntu.artful:def:20168628000	V	CVE-2016-8628 on Ubuntu 17.10 (artful) - medium.	2016-11-02

BACK