{"vulnerability": "CVE-2019-14905", "sightings": [{"uuid": "89641548-0319-4932-9bd7-846adfe160ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14905", "type": "seen", "source": "https://t.me/cibsecurity/10885", "content": "ATENTION\u203c New - CVE-2019-14905\n\nA vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-31T21:17:08.000000Z"}]}