Summary: Command execution on Ansible controller from host Affected software: Ansible CVE: CVE-2016-9587 Reference URL: https://www.computest.nl/advisories/ CT-2017-0109_Ansible.txt Affected versions: < 2.1.4, < 2.2.1 Credit: Undisclosed at Computest (research) Date of publication: January 9, 2017 During a summary code review of Ansible, Computest found and exploited several issues that allow a compromised host to execute commands on the Ansible controller and thus gain access to the other hosts controlled by that controller. Fixed versions are available from upstream
*** This bug has been marked as a duplicate of bug 1412357 ***