CVE-2017-7481

CRITICAL IN THE WILD

Ansible <2.3.1.0-2.4.0.0 - Code Injection


Exploitation Summary

CVE-2017-7481 has been observed exploited in the wild (reported by InTheWild.io).

Description

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker can control the results of lookup() calls, they can inject Unicode strings that the jinja2 templating system then parses, resulting in code execution. In the fixed versions, lookup results are marked 'unsafe' by default, so jinja2 template syntax in them is not evaluated.

References (11)

Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2017:1599
Issue Tracking, Patch, Vendor Advisory (Red Hat Bugzilla): https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2017:1334
Third Party Advisory, VDB Entry (SecurityFocus BID): http://www.securityfocus.com/bid/98492
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2017:1244
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2017:1499
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2017:2524
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2017:1476
Third Party Advisory (Ubuntu USN): https://usn.ubuntu.com/4072-1/
Mailing List, Third Party Advisory (Debian LTS): https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html

Scores

CVSS v3 9.8
EPSS 0.0462
EPSS Percentile 90.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

InTheWild.io 2021-07-23
CWE
CWE-20
Status published
Products (15)
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 19.04
debian/debian_linux 9.0
pypi/ansible 2.3.0.0 - 2.3.1.0
redhat/ansible_engine < 2.3.1.0
redhat/gluster_storage 3.2
redhat/openshift_container_platform 3.3
redhat/openshift_container_platform 3.4
redhat/openshift_container_platform 3.5
... and 5 more
Published Jul 19, 2018
Tracked Since Feb 18, 2026