exploitDog

CVE-2018-16859

Published: 16 Nov 2018
Source: redhat
CVSS3: 4.2
EPSS: Low

Description

Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.

Execution of Ansible content on Microsoft's Windows platform with PowerShell 5 or higher may disclose sensitive execution details, including 'become' passwords, Ansible module arguments, and return values, via PowerShell's 'suspicious scriptblock logging' feature, which is enabled by default. The details are logged to the PowerShell Operational log, which is visible to all authenticated users by default.

Report

CloudForms and Satellite 6 are not affected by this issue, since Microsoft Windows is not a supported platform.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| CloudForms Management Engine 5 | ansible | Not affected | | |
| Red Hat Ceph Storage 2 | ansible | Affected | | |
| Red Hat Ceph Storage 3 | ansible | Affected | | |
| Red Hat OpenShift Container Platform 3.2 | ansible | Not affected | | |
| Red Hat OpenShift Container Platform 3.3 | ansible | Not affected | | |
| Red Hat OpenShift Container Platform 3.4 | ansible | Will not fix | | |
| Red Hat OpenShift Container Platform 3.5 | ansible | Will not fix | | |
| Red Hat OpenShift Container Platform 3.6 | ansible | Will not fix | | |
| Red Hat OpenShift Container Platform 3.7 | ansible | Affected | | |
| Red Hat OpenShift Enterprise 3.0 | ansible | Not affected | | |

Additional information

Status: Moderate
Defect: CWE-532
https://bugzilla.redhat.com/show_bug.cgi?id=1649607 ansible: become password logged in plaintext when used with PowerShell on Windows

EPSS

Percentile: 27%
0.00096
Low

CVSS3: 4.2 Medium

Related vulnerabilities

CVSS3: 4.2
nvd
about 7 years ago

Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.

CVSS3: 4.2
debian
about 7 years ago

Execution of Ansible playbooks on Windows platforms with PowerShell Sc ...

CVSS3: 4.4
github
more than 3 years ago

Ansible Logs Passwords If PowerShell ScriptBlock is Enabled

suse-cvrf
more than 6 years ago

Security update for ansible

suse-cvrf
almost 7 years ago

Security update for ansible
