Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-0690

Опубликовано: 06 фев. 2024
Источник: nvd
CVSS3: 5
CVSS3: 5.5
EPSS Низкий

Описание

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
Версия до 2.14.4 (исключая)
cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
Версия от 2.15.0 (включая) до 2.15.9 (исключая)
cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
Версия от 2.16.0 (включая) до 2.16.3 (исключая)
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:redhat:ansible_automation_platform:2.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_developer:1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_inside:1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

EPSS

Процентиль: 11%
0.0004
Низкий

5 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-117
CWE-116

Связанные уязвимости

ubuntu логотип

CVE-2024-0690

CVSS3: 5
ubuntu
больше 1 года назад

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.

redhat логотип

CVE-2024-0690

CVSS3: 5
redhat
больше 1 года назад

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.

msrc логотип

CVE-2024-0690

CVSS3: 5.5
msrc
больше 1 года назад

Описание отсутствует

debian логотип

CVE-2024-0690

CVSS3: 5
debian
больше 1 года назад

An information disclosure flaw was found in ansible-core due to a fail ...

rocky логотип

RLSA-2024:3043

rocky
около 2 месяцев назад

Moderate: ansible-core bug fix, enhancement, and security update

EPSS

Процентиль: 11%
0.0004
Низкий

5 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-117
CWE-116