CVE-2023-39059

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 28, 2023
Updated: Aug 30, 2023

Summary

CVE-2023-39059 is a newly disclosed vulnerability affecting Ansible Semaphore version 2.8.90. This issue permits a remote attacker to execute arbitrary code by crafting a malicious payload and sending it to the extra variables parameter. Ansible Semaphore is a tool for managing distributed application deployment and configuration. Successful exploitation of this vulnerability could result in unauthorized code execution and potential compromise of the targeted system. System administrators are advised to update their Ansible Semaphore installations to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share