CVE-2020-1737 vulnerability in Red Hat Products
Published on March 9, 2020
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.
Vulnerability Analysis
CVE-2020-1737 can be exploited with local system access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Directory traversal Vulnerability?
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CVE-2020-1737 has been classified to as a Directory traversal vulnerability or weakness.
Products Associated with CVE-2020-1737
stack.watch emails you whenever new vulnerabilities are published in Red Hat Ansible Engine or Red Hat Ansible Tower. Just hit a watch button to start following.
Affected Versions
Red Hat Ansible:- Version 2.7.17 and prior is affected.
- Version 2.8.9 and prior is affected.
- Version 2.9.6 and prior is affected.
- Version fixed in 2.10 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.