VYPR
High severity8.0NVD Advisory· Published Jun 22, 2018· Updated Jun 17, 2026

CVE-2017-7466

CVE-2017-7466

Description

Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
< 2.2.3.02.2.3.0

Affected products

147

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.