CVE-2017-2809

An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An attacker can insert python into the vault to trigger this vulnerability.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
talosCNA
7.5 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
ansible-vault_projectansible-vault
𝑥
≤ 1.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/100824
https://github.com/tomoh1r/ansible-vault/blob/v1.0.5/CHANGES.txt
https://github.com/tomoh1r/ansible-vault/commit/3f8f659ef443ab870bb19f95d43543470168ae04
https://github.com/tomoh1r/ansible-vault/issues/4
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0305
http://www.securityfocus.com/bid/100824
https://github.com/tomoh1r/ansible-vault/blob/v1.0.5/CHANGES.txt
https://github.com/tomoh1r/ansible-vault/commit/3f8f659ef443ab870bb19f95d43543470168ae04
https://github.com/tomoh1r/ansible-vault/issues/4
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0305