How severe is CVE-2020-25636?

CVE-2020-25636 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2020-25636

Name: ansible
Author: redhat

6.6MEDIUM

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have

发布于: 10/5/2020更新于: 11/21/2024

描述

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.

AI分析AI驱动

受影响产品

redhatansible

2.10.1

参考资料

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Issue TrackingVendor Advisory
https://github.com/ansible-collections/community.aws/issues/221
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25636
Issue TrackingVendor Advisory
https://github.com/ansible-collections/community.aws/issues/221
Third Party Advisory