CVE-2014-4967: 
Ansible vulnerability analysis and mitigation

Multiple argument injection vulnerabilities were discovered in Ansible before version 1.6.7. The vulnerability (CVE-2014-4967) allows remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact. The exploitation can be achieved through facts with trailing clauses like 'src=', 'temp=', or 'validate=' accompanied by a shell command (NIST NVD, oCERT Advisory).

The vulnerability stems from input sanitization errors in the Ansible platform that allow arbitrary code execution when an attacker controls certain playbook variables. The issue specifically involves unsafe parsing of action arguments when variable data (including fact data, with_fileglob data, or other sources) is controlled by an attacker. The impact varies depending on the action module targeted, with copy or template actions being particularly vulnerable to arbitrary code execution through the validate option's acceptance of arbitrary shell code (oCERT Advisory).

The vulnerability allows remote attackers to execute arbitrary code on systems where they have access to an Ansible managed host. This can lead to complete system compromise, as attackers can inject malicious commands through crafted facts. The CVSS v3.1 base score is 9.8 (Critical), indicating the severe potential impact on system confidentiality, integrity, and availability (NIST NVD).

The vulnerability was fixed in Ansible version 1.6.7. The fix includes improvements to input sanitization and proper handling of action arguments. Organizations should upgrade to Ansible version 1.6.7 or later to address this vulnerability (Ansible Patch).