CyberSec.Space Logo
Back to CVE Browser

CVE-2014-4678

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile10.87th
PublishedFeb 20, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657.

Affected Platforms (CPE)

πŸ“¦
Redhat

Ansible

< 1.6.4
πŸ’»
Debian

Debian Linux

= 8.0
πŸ’»
Debian

Debian Linux

= 9.0
πŸ’»
Debian

Debian Linux

= 10.0

References & Advisories

πŸ”— https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916
πŸ”— https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ
πŸ”— https://security-tracker.debian.org/tracker/CVE-2014-4678
πŸ”— https://www.openwall.com/lists/oss-security/2014/06/26/30
πŸ”— https://www.openwall.com/lists/oss-security/2014/07/02/2
πŸ”— https://www.rapid7.com/db/vulnerabilities/freebsd-vid-2c493ac8-205e-11e5-a4a5-002590263bf5
πŸ”— https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2014-4678
πŸ”— https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916

Related Vulnerabilities

CVE-2017-75509.8

A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin m...

CVE-2018-168799.8

Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel setting...

CVE-2017-74819.8

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control t...

CVE-2019-151499.8

core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that ...