Описание
A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
- PatchThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
- PatchThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
4.6 Medium
CVSS3
5.4 Medium
CVSS3
5.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.
A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.
A flaw was discovered in the way Ansible templating was implemented in ...
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Уязвимость системы управления конфигурациями ansible, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
EPSS
4.6 Medium
CVSS3
5.4 Medium
CVSS3
5.5 Medium
CVSS2