CVE-2020-25636
MEDIUMAnsible - Unauthenticated Arbitrary File Write via AWS SSM Connection Plugin
Title source: llmDescription
A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.
References (2)
Core 2
Core References
Issue Tracking, Vendor Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Third Party Advisory x_refsource_misc
https://github.com/ansible-collections/community.aws/issues/221
Scores
CVSS v3
6.6
EPSS
0.0029
EPSS Percentile
20.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Details
CWE
CWE-552
CWE-377
Status
published
Products (1)
redhat/ansible
2.10.1 rc2
Published
Oct 05, 2020
Tracked Since
Feb 18, 2026