Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.3
CVSSv2

CVE-2013-4260

Published: 16/09/2013 Updated: 13/02/2023
CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4
VMScore: 294
Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Subscribe to Redhat

Vulnerability Summary

lib/ansible/playbook/__init__.py in Ansible 1.2.x prior to 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/.

Vulnerable Product Search on Vulmon Subscribe to Product

redhat ansible 1.2.1

redhat ansible 1.2

redhat ansible 1.2.2

References

CWE-264https://bugzilla.redhat.com/show_bug.cgi?id=998227http://www.ansible.com/securityhttps://exchange.xforce.ibmcloud.com/vulnerabilities/86898https://groups.google.com/forum/#%21topic/ansible-project/UVDYW0HGcNghttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook