Vulnerability-Lookup

CVE-2024-9902 (GCVE-0-2024-9902)

Vulnerability from cvelistv5 – Published: 2024-11-06 09:56 – Updated: 2025-11-06 23:17

Title

Ansible-core: ansible-core user may read/write unauthorized content

Summary

A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.

Severity ?

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

CWE

CWE-863 - Incorrect Authorization

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:10762	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:8969	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:9894	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:1861	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-9902	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2318271	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Affected: 0 , < 2.14.18rc1 (custom)
Affected: 2.15.0b1 , < 2.15.13rc1 (custom)
Affected: 2.16.0b1 , < 2.16.13rc1 (custom)
Affected: 2.17.0b1 , < 2.17.6rc1 (custom)
Affected: 2.18.0b1 , < 2.18.0rc2 (custom)

Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 3.0.1-96 , < * (rpm) cpe:/a:redhat:ansible_core:2::el9 cpe:/a:redhat:ansible_core:2::el8
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 3.0.1-95 , < * (rpm) cpe:/a:redhat:ansible_core:2::el9 cpe:/a:redhat:ansible_core:2::el8
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 2.9.27-32 , < * (rpm) cpe:/a:redhat:ansible_core:2::el9 cpe:/a:redhat:ansible_core:2::el8
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 2.14.13-21 , < * (rpm) cpe:/a:redhat:ansible_core:2::el9 cpe:/a:redhat:ansible_core:2::el8
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 2.17.6-2 , < * (rpm) cpe:/a:redhat:ansible_core:2::el9 cpe:/a:redhat:ansible_core:2::el8
Red Hat	Red Hat Ansible Automation Platform 2.4 for RHEL 8	Unaffected: 1:2.15.13-1.el8ap , < * (rpm) cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
Red Hat	Red Hat Ansible Automation Platform 2.4 for RHEL 9	Unaffected: 1:2.15.13-1.el9ap , < * (rpm) cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
Red Hat	Red Hat Ansible Automation Platform 2.5 for RHEL 8	Unaffected: 1:2.16.13-1.el8ap , < * (rpm) cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
Red Hat	Red Hat Ansible Automation Platform 2.5 for RHEL 9	Unaffected: 1:2.16.13-1.el9ap , < * (rpm) cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
Red Hat	Red Hat OpenStack Platform 17.1 for RHEL 9	Unaffected: 0:2.14.2-4.6.el9ost , < * (rpm) cpe:/a:redhat:openstack:17.1::el9
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10

Credits

Red Hat would like to thank Matt Clay for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9902",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T14:20:56.915379Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T14:21:06.565Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:33:34.510Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/ansible/ansible",
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "versions": [
            {
              "lessThan": "2.14.18rc1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "2.15.13rc1",
              "status": "affected",
              "version": "2.15.0b1",
              "versionType": "custom"
            },
            {
              "lessThan": "2.16.13rc1",
              "status": "affected",
              "version": "2.16.0b1",
              "versionType": "custom"
            },
            {
              "lessThan": "2.17.6rc1",
              "status": "affected",
              "version": "2.17.0b1",
              "versionType": "custom"
            },
            {
              "lessThan": "2.18.0rc2",
              "status": "affected",
              "version": "2.18.0b1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el9",
            "cpe:/a:redhat:ansible_core:2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-96",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el9",
            "cpe:/a:redhat:ansible_core:2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-95",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el9",
            "cpe:/a:redhat:ansible_core:2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-29-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.9.27-32",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el9",
            "cpe:/a:redhat:ansible_core:2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.14.13-21",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el9",
            "cpe:/a:redhat:ansible_core:2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.17.6-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.15.13-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.15.13-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.13-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.13-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openstack-ansible-core",
          "product": "Red Hat OpenStack Platform 17.1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.14.2-4.6.el9ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matt Clay for reporting this issue."
        }
      ],
      "datePublic": "2024-11-06T06:11:25.611Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user\u0027s home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-06T23:17:23.106Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10762",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10762"
        },
        {
          "name": "RHSA-2024:8969",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8969"
        },
        {
          "name": "RHSA-2024:9894",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9894"
        },
        {
          "name": "RHSA-2025:1861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1861"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9902"
        },
        {
          "name": "RHBZ#2318271",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318271"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-12T02:41:32.581000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-06T06:11:25.611000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Ansible-core: ansible-core user may read/write unauthorized content",
      "workarounds": [
        {
          "lang": "en",
          "value": "In the play that uses the user module with the key generation option,\nhave a prior task ensuring the public key does not exist for example:\n\n- name: avoid user exploit (change name depending on other options\nused in user task)\nfile: path=/home/{{username}}/.ssh/id_rsa.pub state=absent"
        }
      ],
      "x_redhatCweChain": "CWE-863: Incorrect Authorization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9902",
    "datePublished": "2024-11-06T09:56:54.505Z",
    "dateReserved": "2024-10-12T02:46:57.580Z",
    "dateUpdated": "2025-11-06T23:17:23.106Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T22:33:34.510Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-9902\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-06T14:20:56.915379Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-06T14:21:02.895Z\"}}], \"cna\": {\"title\": \"Ansible-core: ansible-core user may read/write unauthorized content\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Matt Clay for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.14.18rc1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2.15.0b1\", \"lessThan\": \"2.15.13rc1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2.16.0b1\", \"lessThan\": \"2.16.13rc1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2.17.0b1\", \"lessThan\": \"2.17.6rc1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2.18.0b1\", \"lessThan\": \"2.18.0rc2\", \"versionType\": \"custom\"}], \"packageName\": \"ansible-core\", \"collectionURL\": \"https://github.com/ansible/ansible\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el9\", \"cpe:/a:redhat:ansible_core:2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.0.1-96\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ansible-builder-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el9\", \"cpe:/a:redhat:ansible_core:2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.0.1-95\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ansible-builder-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el9\", \"cpe:/a:redhat:ansible_core:2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2.9.27-32\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ee-29-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el9\", \"cpe:/a:redhat:ansible_core:2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2.14.13-21\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ee-minimal-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el9\", \"cpe:/a:redhat:ansible_core:2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2.17.6-2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ee-minimal-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9\", \"cpe:/a:redhat:ansible_automation_platform:2.4::el8\", \"cpe:/a:redhat:ansible_automation_platform:2.4::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:2.15.13-1.el8ap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9\", \"cpe:/a:redhat:ansible_automation_platform:2.4::el8\", \"cpe:/a:redhat:ansible_automation_platform:2.4::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:2.15.13-1.el9ap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:2.16.13-1.el8ap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:2.16.13-1.el9ap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.14.2-4.6.el9ost\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openstack-ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-10-12T02:41:32.581000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-11-06T06:11:25.611000+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-11-06T06:11:25.611Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:10762\", \"name\": \"RHSA-2024:10762\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:8969\", \"name\": \"RHSA-2024:8969\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:9894\", \"name\": \"RHSA-2024:9894\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1861\", \"name\": \"RHSA-2025:1861\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-9902\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2318271\", \"name\": \"RHBZ#2318271\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"In the play that uses the user module with the key generation option,\\nhave a prior task ensuring the public key does not exist for example:\\n\\n- name: avoid user exploit (change name depending on other options\\nused in user task)\\nfile: path=/home/{{username}}/.ssh/id_rsa.pub state=absent\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user\u0027s home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-06T23:17:23.106Z\"}, \"x_redhatCweChain\": \"CWE-863: Incorrect Authorization\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-9902\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-06T23:17:23.106Z\", \"dateReserved\": \"2024-10-12T02:46:57.580Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-11-06T09:56:54.505Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2025-AVI-0481

Vulnerability from certfr_avis - Published: 2025-06-06 - Updated: 2025-06-06

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	IBM	Cloud Pak	IBM Cloud Pak for Security versions 1.10.x antérieures à 1.11.3.0
	IBM	QRadar	QRadar Suite Software versions postérieures à 1.10.12.0 et antérieures à 1.11.3.0

References

Title

Publication Time

GHSA-32P4-GM2C-WMCH

Vulnerability from github – Published: 2024-11-06 12:31 – Updated: 2025-11-04 16:53

Summary

ansible-core Incorrect Authorization vulnerability

Details

A flaw was found in Ansible. The ansible-core user module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the user module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.

Severity ?

6.3 (Medium)


                  
                    CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

5.3 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.14.18rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.15.0b1"
            },
            {
              "fixed": "2.15.13rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.16.0b1"
            },
            {
              "fixed": "2.16.13rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.17.0b1"
            },
            {
              "fixed": "2.17.6rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.18.0b1"
            },
            {
              "fixed": "2.18.0rc2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-9902"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-06T15:37:19Z",
    "nvd_published_at": "2024-11-06T10:15:06Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user\u0027s home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.",
  "id": "GHSA-32p4-gm2c-wmch",
  "modified": "2025-11-04T16:53:27Z",
  "published": "2024-11-06T12:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9902"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/03794735d370db98a5ec2ad514fab2b0dd22d6be"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/03daf774d0d80fb7235910ed1c2b4fbcaebdfe65"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/3b6de811abea0a811e03e3029222a7e459922892"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/9d7312f695639e804d2caeb1d0f51c716a9ac7dd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/f7be90626da3035c697623dcf9c90b7a0bc91c92"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:10762"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:8969"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:9894"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:1861"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-9902"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318271"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ansible/ansible"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "ansible-core Incorrect Authorization vulnerability"
}

CVE-2024-9902

Vulnerability from fstec - Published: 17.09.2024

Title

Уязвимость модуля `user` систем управления конфигурациями Ansible Core и Ansible, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Description

Уязвимость модуля `user` систем управления конфигурациями Ansible Core и Ansible связана с неправильной авторизацией. Эксплуатация уязвимости может позволить нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

Vendor

ООО «РусБИТех-Астра», Red Hat Inc.

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Ansible

Software Version

1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 1.8 (Astra Linux Special Edition), до 2.14.18 (Ansible), до 2.18.0 (Ansible), от 2.15.0 до 2.15.13 (Ansible), от 2.16.0 до 2.16.13 (Ansible), от 2.17.0 до 2.17.6 (Ansible), 3.8 (Astra Linux Special Edition)

Possible Mitigations

Использование рекомендаций: Для Ansible: https://github.com/ansible/ansible/issues/83955 Для ОС Astra Linux: обновить пакет ansible-core до 2.18.3-1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18 Для ОС Astra Linux: обновить пакет ansible до 2.10.7+merged+base+2.10.17+dfsg-0+deb11u2+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-1202SE17 Для ОС Astra Linux: обновить пакет ansible до 2.10.7+merged+base+2.10.17+dfsg-0+deb11u2+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1216SE47 Для ОС Astra Linux: обновить пакет ansible-core до 2.18.3-1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38 Для ОС Astra Linux: обновить пакет ansible-core до 2.18.3-1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38

Reference

https://github.com/ansible/ansible/commit/0959472bc62d3fcb28200bebed6346398ca355ea https://github.com/ansible/ansible/commit/3b5a4319985e1eabe7fc0410bf8308b671f4f586 https://github.com/ansible/ansible/commit/c068e45d8da7c6f5bbd3a12493047b07d77e6479 https://github.com/ansible/ansible/issues/83955 https://nvd.nist.gov/vuln/detail/CVE-2024-9902 https://security-tracker.debian.org/tracker/CVE-2024-9902 https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-1202SE17 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1216SE122 https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38 https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38

CWE

CWE-863

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:H/Au:S/C:C/I:C/A:P",
  "CVSS 3.0": "AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 1.8 (Astra Linux Special Edition), \u0434\u043e 2.14.18 (Ansible), \u0434\u043e 2.18.0 (Ansible), \u043e\u0442 2.15.0 \u0434\u043e 2.15.13 (Ansible), \u043e\u0442 2.16.0 \u0434\u043e 2.16.13 (Ansible), \u043e\u0442 2.17.0 \u0434\u043e 2.17.6 (Ansible), 3.8 (Astra Linux Special Edition)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Ansible:\nhttps://github.com/ansible/ansible/issues/83955\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ansible-core \u0434\u043e 2.18.3-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ansible \u0434\u043e 2.10.7+merged+base+2.10.17+dfsg-0+deb11u2+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-1202SE17\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ansible \u0434\u043e 2.10.7+merged+base+2.10.17+dfsg-0+deb11u2+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1216SE47\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ansible-core \u0434\u043e 2.18.3-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ansible-core \u0434\u043e 2.18.3-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "17.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.02.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "29.09.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-12356",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-9902",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Ansible",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 3.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f `user` \u0441\u0438\u0441\u0442\u0435\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 Ansible Core \u0438 Ansible, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f (CWE-863)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f `user` \u0441\u0438\u0441\u0442\u0435\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 Ansible Core \u0438 Ansible \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0435\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/ansible/ansible/commit/0959472bc62d3fcb28200bebed6346398ca355ea\nhttps://github.com/ansible/ansible/commit/3b5a4319985e1eabe7fc0410bf8308b671f4f586\nhttps://github.com/ansible/ansible/commit/c068e45d8da7c6f5bbd3a12493047b07d77e6479\nhttps://github.com/ansible/ansible/issues/83955\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-9902\nhttps://security-tracker.debian.org/tracker/CVE-2024-9902\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-1202SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1216SE122\nhttps://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38\nhttps://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-863",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,7)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,3)"
}

FKIE_CVE-2024-9902

Vulnerability from fkie_nvd - Published: 2024-11-06 10:15 - Updated: 2025-11-03 23:17

Severity ?

6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

Summary

References

	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:10762
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:8969
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:9894
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:1861
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-9902
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2318271
	af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user\u0027s home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una falla en Ansible. El m\u00f3dulo `user` de ansible-core puede permitir que un usuario sin privilegios cree o reemplace silenciosamente el contenido de cualquier archivo en cualquier ruta del sistema y tome posesi\u00f3n de \u00e9l cuando un usuario privilegiado ejecuta el m\u00f3dulo `user` en el directorio de inicio del usuario sin privilegios. Si el usuario sin privilegios tiene permisos de navegaci\u00f3n en el directorio que contiene el archivo de destino explotado, conserva el control total sobre el contenido del archivo como su propietario."
    }
  ],
  "id": "CVE-2024-9902",
  "lastModified": "2025-11-03T23:17:34.743",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.5,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-06T10:15:06.200",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:10762"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:8969"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:9894"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:1861"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-9902"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-9902 (GCVE-0-2024-9902)

CERTFR-2025-AVI-0481

Solutions

GHSA-32P4-GM2C-WMCH

CVE-2024-9902

FKIE_CVE-2024-9902

Tags

Sightings

Nomenclature