Bug 1180816 - (CVE-2021-20178) VUL-0: CVE-2021-20178: ansible1,ansible: user data leak in snmp_facts module
Status: IN_PROGRESS
Duplicates: 1186493
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium
Severity: Normal
Assigned To: Security Team bot
https://smash.suse.de/issue/275014/
CVSSv3.1:SUSE:CVE-2021-20178:5.0:(AV:...
Reported: 2021-01-12 12:26 UTC by Robert Frohl
Modified: 2022-09-08 13:45 UTC (History)
Found By: Security Response Team
Description Robert Frohl 2021-01-12 12:26:50 UTC
rh#1914774

The snmp_facts module in Ansible leaks user authentication data such as authKey and privKey. This could lead to disclosing those credentials to every user who has access to the output of playbook execution.

References:
https://github.com/ansible-collections/community.general/pull/1621
https://bugzilla.redhat.com/show_bug.cgi?id=1914774
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20178
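To make the leak concrete, the following is an added example (not code from the bug report or from the Ansible project): a minimal, self-contained imitation of how an Ansible module echoes its parameters back in the result's `invocation` block, and how marking a parameter `no_log` in the argument spec keeps the secret out of that echo. Real Ansible also scrubs `no_log` values from the rest of the output and from logs; that part is simplified away here. The argument names are modelled on the SNMPv3 options of snmp_facts; the host, user and key values are constructed sample data.

```python
"""Added example: why secrets in module parameters end up in playbook output,
and a check that detects such leakage in a module result."""
import json

# Sentinel that Ansible substitutes for no_log parameters in the invocation echo
NO_LOG_MARK = "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"

# Argument specs modelled on the SNMPv3 options of snmp_facts (constructed here).
# LEAKY_SPEC treats the key material like any other string parameter;
# FIXED_SPEC marks the two secrets as no_log.
LEAKY_SPEC = {"host": {}, "username": {}, "authkey": {}, "privkey": {}}
FIXED_SPEC = {"host": {}, "username": {},
              "authkey": {"no_log": True}, "privkey": {"no_log": True}}


def build_result(spec, params, facts):
    """Mimic the module result shown in verbose playbook output: the gathered
    facts plus an 'invocation' echo of every parameter, with no_log ones masked."""
    echoed = {name: (NO_LOG_MARK if spec.get(name, {}).get("no_log") else value)
              for name, value in params.items()}
    return {"changed": False, "ansible_facts": facts,
            "invocation": {"module_args": echoed}}


def find_leaks(result, secrets):
    """Return the names of secrets whose raw values appear anywhere in the
    serialised result, i.e. what anyone reading the playbook log would see."""
    blob = json.dumps(result)
    return sorted(name for name, value in secrets.items() if value in blob)


# Constructed sample input for one SNMPv3 host
PARAMS = {"host": "switch01.example.net", "username": "monitor",
          "authkey": "auth-secret-example", "privkey": "priv-secret-example"}
FACTS = {"ansible_sysname": "switch01"}
SECRETS = {"authkey": PARAMS["authkey"], "privkey": PARAMS["privkey"]}

if __name__ == "__main__":
    for label, spec in (("leaky", LEAKY_SPEC), ("fixed", FIXED_SPEC)):
        print(label, "leaks:", find_leaks(build_result(spec, PARAMS, FACTS), SECRETS))
```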
Comment 1 Robert Frohl 2021-01-12 12:28:07 UTC
tracking as affected:
- SUSE:SLE-11-SP3:Update:Teradata/ansible
- SUSE:SLE-12-SP2:Update:Products:Cloud7:Update/ansible
- SUSE:SLE-12-SP3:Update:Products:Cloud8:Update/ansible

- SUSE:SLE-12-SP3:Update:Products:Cloud8:Update/ansible1
- SUSE:SLE-12-SP4:Update:Products:Cloud9:Update/ansible1
Comment 2 Matej Cepl 2021-02-09 22:33:16 UTC
Waiting on release 2.9.18.
https://github.com/ansible/ansible/commits/stable-2.9
Comment 5 Gianluca Gabrielli 2021-06-04 13:39:00 UTC
The following packages are affected:
 - SUSE:SLE-11-SP3:Update:Teradata/ansible                         2.9.14
 - SUSE:SLE-12-SP3:Update:Products:Cloud8:Update/ansible           2.9.14

The following packages are already patched:
 - SUSE:SLE-15:Update:Products:ManagerToolsBeta:Update/ansible     2.9.21
 - openSUSE:Factory/ansible                                        2.9.20

The following packages are not affected:
 - SUSE:SLE-12-SP2:Update:Products:Cloud7:Update/ansible   2.2.3.0
 - SUSE:SLE-12-SP3:Update:Products:Cloud8:Update/ansible1  1.9.6
 - SUSE:SLE-12-SP4:Update:Products:Cloud9:Update/ansible1  1.9.6

Upstream patch [0].

[0] https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc.patch
Comment 6 Gianluca Gabrielli 2021-06-04 13:55:39 UTC
ansible will be available in SUSE:SLE-15:Update as soon as SUSE:Maintenance:19629 is processed; that package is already patched for this vulnerability.
Comment 7 Gianluca Gabrielli 2021-06-04 13:57:34 UTC
*** Bug 1186493 has been marked as a duplicate of this bug. ***
Comment 8 Swamp Workflow Management 2021-06-22 16:19:10 UTC
SUSE-SU-2021:2121-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1180816,1180942,1181119,1181935,1183684
CVE References: CVE-2021-20178,CVE-2021-20180,CVE-2021-20191,CVE-2021-20228,CVE-2021-3447
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    ansible-2.9.22-3.18.1
SUSE OpenStack Cloud 8 (src):    ansible-2.9.22-3.18.1
HPE Helion Openstack 8 (src):    ansible-2.9.22-3.18.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2022-03-16 20:19:04 UTC
openSUSE-SU-2022:0081-1: An update that solves 26 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1099808,1112959,1118896,1126503,1137528,1157968,1157969,1164133,1164134,1164135,1164136,1164137,1164138,1164139,1164140,1165393,1166389,1167440,1167532,1167873,1171162,1174145,1174302,1180816,1180942,1181119,1181935
CVE References: CVE-2018-10875,CVE-2018-16837,CVE-2019-10156,CVE-2019-14846,CVE-2019-14904,CVE-2019-14905,CVE-2020-10684,CVE-2020-10685,CVE-2020-10691,CVE-2020-10729,CVE-2020-14330,CVE-2020-14332,CVE-2020-1733,CVE-2020-1734,CVE-2020-1735,CVE-2020-1736,CVE-2020-1737,CVE-2020-1738,CVE-2020-1739,CVE-2020-1740,CVE-2020-1746,CVE-2020-1753,CVE-2021-20178,CVE-2021-20180,CVE-2021-20191,CVE-2021-20228
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP3 (src):    ansible-2.9.21-bp153.2.3.1
Comment 12 Swamp Workflow Management 2022-09-08 13:45:50 UTC
SUSE-SU-2022:3178-1: An update that solves 7 vulnerabilities, contains three features and has 10 fixes is now available.

Category: security (important)
Bug References: 1176460,1180816,1180942,1181119,1181935,1183684,1187725,1188061,1193585,1197963,1199528,1200142,1200591,1200968,1200970,1201003,1202614
CVE References: CVE-2021-20178,CVE-2021-20180,CVE-2021-20191,CVE-2021-20228,CVE-2021-3447,CVE-2021-3583,CVE-2021-3620
JIRA References: SLE-23631,SLE-24133,SLE-24791
Sources used:
openSUSE Leap 15.4 (src):    ansible-2.9.27-150000.1.14.1, dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1, golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1, prometheus-blackbox_exporter-0.19.0-150000.1.11.1, python-hwdata-2.3.5-150000.3.9.1, spacecmd-4.3.14-150000.3.83.1, wire-0.5.0-150000.1.6.1
openSUSE Leap 15.3 (src):    ansible-2.9.27-150000.1.14.1, dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1, golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1, python-hwdata-2.3.5-150000.3.9.1, spacecmd-4.3.14-150000.3.83.1
SUSE Manager Tools 15 (src):    ansible-2.9.27-150000.1.14.1, dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1, golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1, mgr-daemon-4.3.5-150000.1.35.1, mgr-virtualization-4.3.6-150000.1.32.1, prometheus-blackbox_exporter-0.19.0-150000.1.11.1, python-hwdata-2.3.5-150000.3.9.1, spacecmd-4.3.14-150000.3.83.1, spacewalk-client-tools-4.3.11-150000.3.65.1, uyuni-common-libs-4.3.5-150000.1.24.1, uyuni-proxy-systemd-services-4.3.6-150000.1.6.1, zypp-plugin-spacewalk-1.0.13-150000.3.32.1
SUSE Linux Enterprise Server for SAP 15 (src):    golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1
SUSE Linux Enterprise Server 15-LTSS (src):    golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1
SUSE Linux Enterprise Module for SUSE Manager Server 4.3 (src):    golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1, python-hwdata-2.3.5-150000.3.9.1
SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (src):    golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1, python-hwdata-2.3.5-150000.3.9.1
SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (src):    python-hwdata-2.3.5-150000.3.9.1
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3 (src):    ansible-2.9.27-150000.1.14.1, golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1, prometheus-blackbox_exporter-0.19.0-150000.1.11.1, python-hwdata-2.3.5-150000.3.9.1, zypp-plugin-spacewalk-1.0.13-150000.3.32.1
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (src):    ansible-2.9.27-150000.1.14.1, golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1, prometheus-blackbox_exporter-0.19.0-150000.1.11.1, python-hwdata-2.3.5-150000.3.9.1, zypp-plugin-spacewalk-1.0.13-150000.3.32.1
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (src):    python-hwdata-2.3.5-150000.3.9.1, zypp-plugin-spacewalk-1.0.13-150000.3.32.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1