Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2023-39059
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.031
EPSS Ranking
86.3%
CVSS Severity
CVSS v3 Score
8.8
References
https://gist.github.com/Alevsk/1757da24c5fb8db735d392fd4146ca3a
https://www.alevsk.com/2023/07/a-quick-story-of-security-pitfalls-with-execcommand-in-software-integrations/
https://gist.github.com/Alevsk/1757da24c5fb8db735d392fd4146ca3a
https://www.alevsk.com/2023/07/a-quick-story-of-security-pitfalls-with-execcommand-in-software-integrations/
Products affected by CVE-2023-39059
Ansible-Semaphore
»
Ansible Semaphore
»
Version:
2.8.90
cpe:2.3:a:ansible-semaphore:ansible_semaphore:2.8.90
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved