How severe is CVE-2020-25636?

CVE-2020-25636 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2020-25636

Name: ansible
Author: redhat

6.6MEDIUM

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have

게시됨: 10/5/2020업데이트됨: 11/21/2024

설명

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.

AI 분석AI 기반

영향받는 제품

redhatansible

2.10.1

참조

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Issue TrackingVendor Advisory
https://github.com/ansible-collections/community.aws/issues/221
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Issue TrackingVendor Advisory
https://github.com/ansible-collections/community.aws/issues/221
Third Party Advisory