A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

https://cwe.mitre.org/data/definitions/23.html

An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.

https://capec.mitre.org/data/definitions/76.html

An attacker exploits a weakness in input validation on the target by supplying a specially constructed path utilizing dot and slash characters for the purpose of obtaining access to arbitrary files or resources. An attacker modifies a known path on the target in order to reach material that is not available through intended channels. These attacks normally involve adding additional path separators (/ or \) and/or dots (.), or encodings thereof, in various combinations in order to reach parent directories or entirely separate trees of the target's directory structure.
https://capec.mitre.org/data/definitions/139.html

| Product | Vendor | Status |
|---|---|---|
| ansible | | Tracked |
| ansible-core | | Tracked |
| python-galaxy-importer | | Tracked |
| python3x-galaxy-importer | | Tracked |
| ansible_automation_platform | * | Tracked |
| satellite | * | Tracked |
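The advisory above describes a tarball whose member names or symlinks escape the extraction directory. The following is an added example, not code from the advisory, from Ansible or from galaxy-importer, of how an importer can refuse such an archive before writing anything to disk: it audits every member lexically against the destination root, rejects absolute names, ".." escapes, links and special files, and only extracts when every member passes. The two archives, the destination path `/srv/import` used for the audit and all member names are constructed for this example.

```python
"""Defensive tarball extraction for an importer that accepts untrusted archives.

Added example, not code from the advisory, Ansible or galaxy-importer. Every
member is checked before anything touches the disk; the whole archive is
refused if any member would escape the destination or is a link.
"""
import io
import os
import tarfile
import tempfile
from typing import Dict, List, Tuple

# Verdicts produced by classify_member()
OK, ABSOLUTE, TRAVERSAL, LINK, SPECIAL = "ok", "absolute", "traversal", "link", "special"


def classify_member(member: tarfile.TarInfo, dest: str) -> str:
    """Decide lexically (nothing is written) whether a member may be extracted.

    `dest` is the extraction root. Links are rejected outright: an importer has
    no legitimate use for them, and a symlink dropped first can redirect a later
    member's write outside `dest` even when that member's own name looks harmless.
    """
    dest = os.path.abspath(dest)
    name = member.name
    if name.startswith(("/", "\\")) or os.path.isabs(name):
        return ABSOLUTE
    # normpath resolves ".." segments; commonpath (not startswith) stops
    # "/srv/import-other" from passing as a child of "/srv/import".
    target = os.path.normpath(os.path.join(dest, name))
    if os.path.commonpath([dest, target]) != dest:
        return TRAVERSAL
    if member.issym() or member.islnk():
        return LINK
    if member.isdev() or member.isfifo():
        return SPECIAL
    return OK


def audit_archive(blob: bytes, dest: str) -> List[Tuple[str, str]]:
    """Return (member name, verdict) for every member of a gzipped tarball."""
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        return [(m.name, classify_member(m, dest)) for m in tar.getmembers()]


def extract_safely(blob: bytes, dest: str) -> List[str]:
    """Extract only if every member passes; otherwise raise without writing."""
    bad = [(n, v) for n, v in audit_archive(blob, dest) if v != OK]
    if bad:
        raise ValueError(f"refusing archive, unsafe members: {bad}")
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        # On Pythons that ship PEP 706 filters, the stdlib 'data' filter is a
        # second layer; the pre-check above is what this example relies on.
        kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tar.extractall(dest, **kwargs)
        return [m.name for m in tar.getmembers()]


def _add_file(tar: tarfile.TarFile, name: str, data: bytes) -> None:
    info = tarfile.TarInfo(name)
    info.size = len(data)
    tar.addfile(info, io.BytesIO(data))


def build_malicious_tarball() -> bytes:
    """Constructed sample: one benign member plus three shapes of escape."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        _add_file(tar, "collection/README.md", b"# demo collection\n")
        _add_file(tar, "../../outside.txt", b"lands above the extraction root\n")
        link = tarfile.TarInfo("collection/evil_link")  # symlink pointing out of dest
        link.type = tarfile.SYMTYPE
        link.linkname = "../../../etc/passwd"
        tar.addfile(link)
        _add_file(tar, "/absolute/path.txt", b"absolute member name\n")
    return buf.getvalue()


def build_clean_tarball() -> bytes:
    """Constructed sample with only well-behaved relative members."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        _add_file(tar, "collection/README.md", b"# demo collection\n")
        _add_file(tar, "collection/galaxy.yml", b"namespace: demo\nname: example\n")
    return buf.getvalue()


def demo() -> Dict[str, object]:
    """Run both archives through the checks and return the outcomes."""
    results: Dict[str, object] = {}
    results["audit"] = dict(audit_archive(build_malicious_tarball(), "/srv/import"))
    with tempfile.TemporaryDirectory() as dest:
        try:
            extract_safely(build_malicious_tarball(), dest)
            results["malicious_rejected"] = False
        except ValueError:
            results["malicious_rejected"] = True
        results["nothing_written"] = os.listdir(dest) == []
        results["clean_extracted"] = sorted(extract_safely(build_clean_tarball(), dest))
        results["readme_present"] = os.path.isfile(os.path.join(dest, "collection", "README.md"))
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Rejecting every link, rather than checking where each one points, also closes the sequence in which a benign-looking member is written through a symlink extracted earlier in the same archive. On Pythons that ship PEP 706 (3.12 and the maintenance-release backports), `extractall(..., filter="data")` enforces a similar policy in the standard library and is used here as a second layer behind the explicit audit.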