CVE-2016-9587

Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:ansible:ansible:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*

Information

Published : 2018-04-24 09:29

Updated : 2021-09-13 03:50


NVD link : CVE-2016-9587

Mitre link : CVE-2016-9587


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

ansible

  • ansible

redhat

  • openstack
  • ansible