CVE-2021-20191

Опубликовано: 26 мая 2021

Источник: ubuntu

Приоритет: medium

CVSS2: 2.1

CVSS3: 5.5

Описание

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	needs-triage
focal	ignored	end of standard support, was needs-triage
groovy	ignored	end of life

Показывать по

Ссылки на источники

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2021-20191

CVSS3: 5

redhat

около 5 лет назад

CVE-2021-20191

CVSS3: 5.5

nvd

больше 4 лет назад

CVE-2021-20191

CVSS3: 5.5

msrc

больше 4 лет назад

A flaw was found in ansible. Credentials such as secrets are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.

CVE-2021-20191

CVSS3: 5.5

debian

больше 4 лет назад

A flaw was found in ansible. Credentials, such as secrets, are being d ...

GHSA-8f4m-hccc-8qph

CVSS3: 5.5

github

больше 4 лет назад

Insertion of Sensitive Information into Log File in ansible

2.1 Low

CVSS2

5.5 Medium

CVSS3

CVE-2021-20191

Описание

Пакет ansible

Ссылки на источники

Связанные уязвимости