Vulnerability DatabaseCVE-2020-1733
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2020-1733
March 11, 2020
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask 77 && mkdir -p <dir>"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.
Affected Packages
ansible (PYTHON):
Affected version(s) >=2.9.0b1 <2.9.7
Fix Suggestion:
Update to version 2.9.7
ansible (PYTHON):
Affected version(s) >=2.8.0a1 <2.8.11
Fix Suggestion:
Update to version 2.8.11
ansible (PYTHON):
Affected version(s) >=1.0 <2.7.17
Fix Suggestion:
Update to version 2.7.17
Related ResourcesĀ (21)
https://github.com/ansible/ansible/commit/8251d9f4c2bc82632ab992277fcd30ccbf87aa47
https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html
https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-5.yaml
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733
https://github.com/ansible/ansible/commit/ecf99d5e1ff732a7777010facd6c98bb0994605e
https://nvd.nist.gov/vuln/detail/CVE-2020-1733
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
https://github.com/ansible/ansible
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
https://security.gentoo.org/glsa/202006-11
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
https://www.debian.org/security/2021/dsa-4950
https://github.com/ansible/ansible/issues/67791
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
https://github.com/advisories/GHSA-g4mq-6fp5-qwcf
https://github.com/ansible/ansible/commit/80b9a0a25c5f75e84aefc8f2b293fb1933b154f2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
Do you need more information?
Contact Us
CVSS v4
Base Score:
1
Attack Vector
LOCAL
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
LOW
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
LOW
CVSS v3
Base Score:
5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
CVSS v2
Base Score:
3.7
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
Weakness Type (CWE)
Exposure of Resource to Wrong Sphere
CWE-668
Insecure Temporary File
CWE-377
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-362
EPSS
Base Score:
0.03