CVE-2023-5115: 
Ansible vulnerability analysis and mitigation

CVE-2023-5115 is an absolute path traversal vulnerability discovered in the Ansible automation platform. The vulnerability was disclosed on December 18, 2023, affecting multiple versions of Red Hat Ansible Automation Platform, including versions 1.2, 2.3, and 2.4, as well as Ansible Inside and Ansible Developer products (NVD, Red Hat Advisory).

The vulnerability allows an attacker to craft a malicious Ansible role that, when executed by a victim, can exploit a symlink to overwrite files outside of the intended extraction path. The issue specifically occurs during the ansible-galaxy role install process. The vulnerability has been assigned a CVSS v3.1 base score of 6.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N, indicating network accessibility with low attack complexity, requiring low privileges and user interaction (NVD).

The vulnerability can lead to unauthorized file overwrites on the target system, potentially allowing attackers to modify critical system files or configuration files that the user has access to. This could result in system compromise or unauthorized access to sensitive information (Red Hat Bugzilla).

Red Hat has released security updates to address this vulnerability in multiple versions of their products. The fix is included in ansible-core version 2.14.11 for Ansible Automation Platform 2.3 and version 2.15.5 for Ansible Automation Platform 2.4. Users are advised to upgrade to these patched versions (Red Hat Advisory, Red Hat Advisory).