Security Advisory

CVE-2019-14905

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-31 16:20:41

Last updated 2024-08-05 00:34:52

Assigner redhat

State PUBLISHED

Description

A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansibles nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.

← Browse all CVEs View on cve.org ↗