
CVE-2017-7481

CVSS Severity Score: 9.8 (CRITICAL)
EPSS Score: 0.1080%
EPSS Percentile: 31.56th
Published: July 19, 2018
Last Modified: November 21, 2024

Vulnerability Description

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.

Affected Platforms (CPE)

Redhat: Openshift Container Platform = 3.3
Redhat: Openshift Container Platform = 3.4
Redhat: Openshift Container Platform = 3.5
Redhat: Openstack = 10
Redhat: Openstack = 11
Redhat: Storage Console = 2.0
Redhat: Virtualization = 4.1
Redhat: Virtualization Manager = 4.1
Redhat: Gluster Storage = 3.2
Redhat: Ansible Engine < 2.3.1.0
Redhat: Ansible Engine >= 2.3.2.0 and < 2.4.0.0
Canonical: Ubuntu Linux = 16.04
Canonical: Ubuntu Linux = 18.04
Canonical: Ubuntu Linux = 19.04
Debian: Debian Linux = 9.0
