Untriaged
Permalink
CVE-2024-1657
8.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): NONE
Ansible automation platform: insecure websocket used when interacting with eda server
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system.
References
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2265085 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHBZ#2265085 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2265085 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHBZ#2265085 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry x_transferred
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2265085 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2265085 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2265085 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry
- RHBZ#2265085 issue-tracking x_refsource_REDHAT
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory
- RHSA-2024:1057 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-1657 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2265085 issue-tracking x_refsource_REDHAT x_transferred
Affected products
ansible
- <2.4
ansible-rulebook
- *
automation-eda-controller
- *
ansible-automation-platform-installer
- *
Matching in nixpkgs
pkgs.ansible-cmdb
Generate host overview from ansible fact gathering output
-
nixos-unstable -
- nixpkgs-unstable 1.31
pkgs.ansible-lint
Best practices checker for Ansible
-
nixos-unstable -
- nixpkgs-unstable 25.8.2
pkgs.ansible_2_16
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.16.14
pkgs.ansible_2_17
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.17.8
pkgs.ansible_2_18
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.18.8
pkgs.ansible_2_19
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.19.2
pkgs.ansible-doctor
Annotation based documentation for your Ansible roles
-
nixos-unstable -
- nixpkgs-unstable 7.2.0
pkgs.ansible-builder
Ansible execution environment builder
-
nixos-unstable -
- nixpkgs-unstable 3.1.0
pkgs.ansible-navigator
Text-based user interface (TUI) for Ansible
-
nixos-unstable -
- nixpkgs-unstable 25.8.0
pkgs.ansible-language-server
Ansible Language Server
-
nixos-unstable -
- nixpkgs-unstable 1.2.1
pkgs.python312Packages.ansible
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 11.9.0
pkgs.python313Packages.ansible
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 11.9.0
pkgs.terraform-providers.ansible
None
-
nixos-unstable -
- nixpkgs-unstable 1.0.4
pkgs.python312Packages.ansible-core
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.19.2
pkgs.python313Packages.ansible-core
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.19.2
pkgs.python312Packages.ansible-compat
Function collection that help interacting with various versions of Ansible
-
nixos-unstable -
- nixpkgs-unstable 25.8.1
pkgs.python312Packages.ansible-kernel
Ansible kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.python312Packages.ansible-runner
Helps when interfacing with Ansible
-
nixos-unstable -
- nixpkgs-unstable 2.4.1
pkgs.python312Packages.pytest-ansible
Plugin for pytest to simplify calling ansible modules from tests or fixtures
-
nixos-unstable -
- nixpkgs-unstable 25.8.0
pkgs.python313Packages.ansible-compat
Function collection that help interacting with various versions of Ansible
-
nixos-unstable -
- nixpkgs-unstable 25.8.1
pkgs.python313Packages.ansible-kernel
Ansible kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.python313Packages.ansible-runner
Helps when interfacing with Ansible
-
nixos-unstable -
- nixpkgs-unstable 2.4.1
pkgs.python313Packages.pytest-ansible
Plugin for pytest to simplify calling ansible modules from tests or fixtures
-
nixos-unstable -
- nixpkgs-unstable 25.8.0
pkgs.vscode-extensions.redhat.ansible
Ansible language support
-
nixos-unstable -
- nixpkgs-unstable 25.8.1
pkgs.python312Packages.ansible-builder
Ansible execution environment builder
-
nixos-unstable -
- nixpkgs-unstable 3.1.0
pkgs.python313Packages.ansible-builder
Ansible execution environment builder
-
nixos-unstable -
- nixpkgs-unstable 3.1.0
pkgs.python312Packages.ansible-pylibssh
Python bindings to client functionality of libssh specific to Ansible use case
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.python312Packages.ansible-vault-rw
This project aim to R/W an ansible-vault yaml file
-
nixos-unstable -
- nixpkgs-unstable 2.1.0
pkgs.python313Packages.ansible-pylibssh
Python bindings to client functionality of libssh specific to Ansible use case
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.python313Packages.ansible-vault-rw
This project aim to R/W an ansible-vault yaml file
-
nixos-unstable -
- nixpkgs-unstable 2.1.0
pkgs.python312Packages.jinja2-ansible-filters
Jinja2 Ansible Filters
-
nixos-unstable -
- nixpkgs-unstable jinja2-ansible-filters-1.3.2
pkgs.python313Packages.jinja2-ansible-filters
Jinja2 Ansible Filters
-
nixos-unstable -
- nixpkgs-unstable jinja2-ansible-filters-1.3.2
Package maintainers
-
@robsliwi Robert Sliwinski <r@sliwi.org>
-
@HarisDotParis Haris <git@haris.paris>
-
@Melkor333 Samuel Ruprecht <samuel@ton-kunst.ch>
-
@tie Ivan Trubach <mr.trubach@icloud.com>
-
@tboerger Thomas Boerger <thomas@webhippie.de>
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
-
@sengaya Thilo Uttendorfer <tlo@sengaya.de>
-
@dawidd6 Dawid Dziurla <dawidd0811@gmail.com>
-
@geluk Johan Geluk <johan+nix@geluk.io>
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
-
@StillerHarpo Florian Engel <engelflorian@posteo.de>
-
@tjni Theodore Ni <43ngvg@masqt.com>
-
@TheMaxMur Maxim Muravev <muravjev.mak@yandex.ru>