SB2025011599 - Multiple vulnerabilities in Ansible Automation Platform 2.5 packages

Description

This security bulletin contains information about 10 secuirty vulnerabilities.

1) Security features bypass (CVE-ID: CVE-2024-56201)

The vulnerability allows a local user to bypass sandbox restrictions.

The vulnerability exists due to improper validation of user-supplied input.  A local user with the ability to control both the filename and the contents of a template can bypass sandbox restrictions.

2) Security features bypass (CVE-ID: CVE-2024-56326)

The vulnerability allows a local user to bypass sandbox restrictions.

The vulnerability exists in the way the Jinja sandboxed environment detects calls to str.format.  A local user with the ability to control the contents of a template can bypass sandbox restrictions.

3) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2024-52304)

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.

4) Input validation error (CVE-ID: CVE-2024-11407)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

5) OS Command Injection (CVE-ID: CVE-2024-9287)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation in the venv module when creating a virtual environment. A local user can pass specially crafted strings to the application and execute arbitrary OS commands on the target system.

6) Security features bypass (CVE-ID: CVE-2024-35195)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to the session object does not verify requests after making first request with verify=False. A local administrator can bypass authentication.

7) Input validation error (CVE-ID: CVE-2024-47175)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. A remote attacker can inject attacker-controlled data in the resulting PPD.

8) Resource exhaustion (CVE-ID: CVE-2024-53907)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the django.utils.html.strip_tags() function. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

9) SQL injection (CVE-ID: CVE-2024-53908)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data within the django.db.models.fields.json.HasKey() function in Oracle lookup. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

10) Infinite loop (CVE-ID: CVE-2024-55565)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop. A remote user can consume all available system resources and cause denial of service conditions.

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2025:0341