---

CVE-2016-9587 - log back

CVE-2016-9587 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Arbitrary command execution
Description	+ An input validation vulnerability was found in ansible's handling of data sent from client systems. An attacker with control over a client system being managed by ansible and the ability to send facts back to the ansible server could use this flaw to execute arbitrary commands on the ansible server as the user and group ansible is running as.
References	+ https://www.computest.nl/advisories/CT-2017-0109_Ansible.txt
Notes