CVE-2017-7481 — CRITICAL (9.8)

Q: How severe is CVE-2017-7481?

CVE-2017-7481 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2017-7481?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Openshift Container Platform, Redhat Openstack, Redhat Storage Console, Redhat Virtualization, Redhat Virtualization Manager.

Vulnerability Description

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Redhat	Openshift Container Platform	3.3
Redhat	Openstack	10
Redhat	Storage Console	2.0
Redhat	Virtualization	4.1
Redhat	Virtualization Manager	4.1
Redhat	Gluster Storage	3.2
Redhat	Enterprise Linux	7.0
Redhat	Ansible Engine	< 2.3.1.0
Canonical	Ubuntu Linux	16.04
Debian	Debian Linux	9.0

Related Weaknesses (CWE)

CWE-20

References

http://www.securityfocus.com/bid/98492Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2017:1244Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:1334Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:1476Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:1499Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:1599Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:2524Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481Issue TrackingPatchVendor Advisory
https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7PatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2021/01/msg00023.htmlMailing ListThird Party Advisory
https://usn.ubuntu.com/4072-1/Third Party Advisory
http://www.securityfocus.com/bid/98492Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2017:1244Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:1334Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:1476Vendor Advisory

FAQ

What is CVE-2017-7481?

CVE-2017-7481 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be ...

How severe is CVE-2017-7481?

CVE-2017-7481 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2017-7481?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Openshift Container Platform, Redhat Openstack, Redhat Storage Console, Redhat Virtualization, Redhat Virtualization Manager.