vulnerability

SUSE: CVE-2016-8628: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:C)	Nov 10, 2017	Nov 10, 2017	Nov 14, 2020

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Nov 10, 2017

Added

Nov 10, 2017

Modified

Nov 14, 2020

Description

Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.

Solution

suse-upgrade-ansible

References

SUSE-SUSE-SU-2020:3309-1
NVD-CVE-2016-8628

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today