CVE-2024-11079

Published Nov 12, 2024

Last updated 5 days ago

CVSS medium 5.5

Overview

Description
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.
Source
secalert@redhat.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
5.5
Impact score
3.7
Exploitability score
1.3
Vector string
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Severity
MEDIUM

Weaknesses

secalert@redhat.com
CWE-20

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. 🚨 CVE-2024-11079 (Published: 2024-11-12) - A moderate vulnerability affecting Red Hat products. Ensure your systems are updated to the latest versions to mitigate risks. For detailed remediation steps, visit: https://t.co/TLfX7WlbWd. Stay secure! 🔒 #CyberSecurity #RedHat

    @transilienceai

    15 Nov 2024

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🔒 CVE-2024-11079 (Published: 2024-11-12) affects Red Hat products. This moderate vulnerability impacts specific versions, allowing potential exploitation. Users are urged to review the remediation steps provided by Red Hat to secure their systems. For details, visit:… https://t.

    @transilienceai

    15 Nov 2024

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🔒 CVE-2024-11079 (Published: 2024-11-12) affects Red Hat products. This moderate vulnerability impacts specific versions, allowing potential exploitation. Users are urged to review the remediation steps provided by Red Hat to secure their systems. More info:… https://t.co/yZOWkW

    @transilienceai

    15 Nov 2024

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🔒 CVE-2024-11079 (Published: 2024-11-12) affects Red Hat products. This moderate vulnerability impacts specific versions, allowing potential exploitation. Users are urged to review the remediation steps provided by Red Hat to secure their systems. More info:… https://t.co/gfppSf

    @transilienceai

    15 Nov 2024

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References