How severe is CVE-2020-25636?

CVE-2020-25636 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2020-25636

Name: ansible
Author: redhat

6.6MEDIUM

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have

Veröffentlicht: 10/5/2020Aktualisiert: 11/21/2024

Beschreibung

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.

KI-AnalyseKI-gestützt

Betroffene Produkte

redhatansible

2.10.1

Referenzen

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Issue TrackingVendor Advisory
https://github.com/ansible-collections/community.aws/issues/221
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Issue TrackingVendor Advisory
https://github.com/ansible-collections/community.aws/issues/221
Third Party Advisory