CVE-2021-3533

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-3533
Rejected reason: This vulnerability does not meet the criteria for a security vulnerability
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

23 Jan 2024, 13:15

Type Values Removed Values Added
Summary Rejected reason: This CVE is marked as INVALID and not a bug Rejected reason: This vulnerability does not meet the criteria for a security vulnerability

15 Jan 2024, 17:15

Type Values Removed Values Added
CVSS v2 : 1.2
v3 : 2.5 		v2 : unknown
v3 : unknown
CPE cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_tower:3.7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_automation_platform:1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack-rdo:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
CWE CWE-362
References
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1956477', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1956477', 'tags': ['Issue Tracking', 'Vendor Advisory'], 'refsource': 'MISC'}
Summary A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2. Rejected reason: This CVE is marked as INVALID and not a bug
Information

Published : 2021-06-09 12:15

Updated : 2024-04-16 17:02

NVD link : CVE-2021-3533

Mitre link : CVE-2021-3533

CVE.ORG link : CVE-2021-3533

JSON object : View

Products Affected

No product.

CWE

No CWE.