How severe is CVE-2020-25636?

CVE-2020-25636 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2020-25636

Name: ansible
Author: redhat

6.6MEDIUM

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have

公開日: 10/5/2020更新日: 11/21/2024

説明

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.

AI分析AIによる分析

影響を受ける製品

redhatansible

2.10.1

参照

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Issue TrackingVendor Advisory
https://github.com/ansible-collections/community.aws/issues/221
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Issue TrackingVendor Advisory
https://github.com/ansible-collections/community.aws/issues/221
Third Party Advisory