search

gonoph / ansible-mitigation

Ansible Playbooks to mitigate certain CVEs
GNU General Public License v3.0
0 stars 0 forks source link

readme

ansible-mitigation

Ansible Playbooks to mitigate certain CVEs

Usage

  1. clone or download the needed mitigation
  2. configure your inventory
  3. run the mitigation as a playbook
  4. set apply_mitigation=False if you want to unapply the mitigation

Examples

Clone the git repo

git clone https://github.com/gonoph/ansible-mitigation.git
cd ansible-mitigation

Run the playbook in ad-hoc mode

ansible-playbook -i host1.example.com, mitigate.cve-2024-47176.yml

Run the playbook w an inventory

Create an inventory file

[all]
host1.example.com
host2.example.com
host3.example.com

[all:vars]
ansible_user=ansible

Run the playbook with the inventory

ansible-playbook -i inventory mitigate.cve-2024-47176.yml

Unapply the mitigation

ansible-playbook -i inventory mitigate.cve-2024-47176.yml -e apply_mitigation=False

DISCLAIMER

This is provided for educational purposes only. Use at your own risk!

Please refer to your official documentation and patching poliices before attempting to run this in production.