Ansible CVE-2017-7466 Incomplete Fix Arbitrary Command Execution Vulnerability

Ansible is prone to a remote arbitrary command-execution vulnerability because it fails to sanitize user-supplied input.

An attacker can exploit this issue to execute arbitrary commands in the affected system.

NOTE: This issue is the result of an incomplete fix for the issue described in BID 95352 (Ansible CVE-2016-9587 Arbitrary Command Execution Vulnerability).


 

Privacy Statement
Copyright 2010, SecurityFocus