PT-2022-10610 · Unknown · Ansible-Runner

Abadger

Published

2022-08-23

Updated

2022-08-29

CVE-2021-3702

CVSS v3.1

6.3

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions ansible-runner (affected versions not specified)

Description A race condition flaw was found, allowing an attacker to potentially access ansible-runner's private data dir by substituting their directory at the name of a temporary directory. This flaw poses a threat to integrity and confidentiality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-377

Related Identifiers

CVE-2021-3702

GHSA-772J-XVF9-QPF5

PYSEC-2022-43068

Affected Products

Ansible-Runner

PT-2022-10610 · Unknown · Ansible-Runner

CVE-2021-3702

Weakness Enumeration

Related Identifiers

Affected Products

References · 10