CVE-2023-4237 - OpenCVE

A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Ansible Collection Ansible Automation Platform

Configuration 1 [-]

OR	cpe:2.3:a:redhat:ansible_automation_platform:2.0:::::::*
	cpe:2.3:a:redhat:ansible_collection::::::::

References

Link	Resource
https://access.redhat.com/errata/RHBA-2023:5653
https://access.redhat.com/errata/RHBA-2023:5666
https://access.redhat.com/security/cve/CVE-2023-4237	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2229979	Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-10-04T14:23:20.710Z

Updated: 2024-05-01T20:21:06.124Z

Reserved: 2023-08-08T11:15:05.990Z

Link: CVE-2023-4237

JSON object: View

NVD Information

Status : Modified

Published: 2023-10-04T15:15:12.643

Modified: 2023-12-01T12:15:07.670

Link: CVE-2023-4237

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-4237", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-08-08T11:15:05.990Z", "datePublished": "2023-10-04T14:23:20.710Z", "dateUpdated": "2024-05-01T20:21:06.124Z"}, "containers": {"cna": {"title": "Ansible automation platform: ec2_key module prints out the private key directly to the standard output", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "ansible-automation-platform-24/ee-supported-rhel8", "defaultStatus": "affected", "versions": [{"version": "1.0.0-423", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ansible_automation_platform:2.4::el9", "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "cpe:/a:redhat:ansible_automation_platform_cloud_billing:2.4::el8"]}, {"vendor": "Red Hat", "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "ansible-automation-platform-24/ee-supported-rhel9", "defaultStatus": "affected", "versions": [{"version": "1.0.0-424", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ansible_automation_platform:2.4::el9", "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "cpe:/a:redhat:ansible_automation_platform_cloud_billing:2.4::el8"]}], "references": [{"url": "https://access.redhat.com/errata/RHBA-2023:5653", "name": "RHBA-2023:5653", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHBA-2023:5666", "name": "RHBA-2023:5666", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-4237", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229979", "name": "RHBZ#2229979", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2023-08-08T11:15:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-497", "description": "Exposure of Sensitive System Information to an Unauthorized Control Sphere", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere", "timeline": [{"lang": "en", "time": "2023-08-08T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-08-08T11:15:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Jill Rouleau (redhat) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-05-01T20:21:06.124Z"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B4BE2D6-43C3-4065-A213-5DB1325DC78F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_collection:*:*:*:*:*:*:*:*", "matchCriteriaId": "60009086-F9BE-4F69-B37C-1F57F8C2C4D9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en la plataforma de automatizaci\u00f3n Ansible. Al crear un nuevo par de claves, el m\u00f3dulo ec2_key imprime la clave privada directamente en la salida est\u00e1ndar. Esta falla permite que un atacante obtenga esas claves de los archivos de registro, comprometiendo la confidencialidad, integridad y disponibilidad del sistema."}], "id": "CVE-2023-4237", "lastModified": "2023-12-01T12:15:07.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2023-10-04T15:15:12.643", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHBA-2023:5653"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHBA-2023:5666"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-4237"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229979"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-497"}], "source": "secalert@redhat.com", "type": "Secondary"}]}