Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3620

Опубликовано: 03 мар. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 5.5

Описание

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

needed

esm-apps/bionic

not-affected

code not present
esm-apps/focal

released

2.9.6+dfsg-1ubuntu0.1~esm1
esm-apps/jammy

released

2.10.7+merged+base+2.10.8+dfsg-1ubuntu0.1~esm1
esm-apps/noble

needed

esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
focal

ignored

end of standard support, was needed
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

ignored

end of life
impish

ignored

end of life
jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

not-affected

2.12.0-1
esm-apps/jammy

not-affected

2.12.0-1
esm-apps/noble

not-affected

2.12.0-1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 40%
0.00179
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3620

CVSS3: 5.5
redhat
больше 4 лет назад

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

nvd логотип

CVE-2021-3620

CVSS3: 5.5
nvd
больше 3 лет назад

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

msrc логотип

CVE-2021-3620

CVSS3: 5.5
msrc
больше 3 лет назад

A flaw was found in Ansible Engine's ansible-connection module where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

debian логотип

CVE-2021-3620

CVSS3: 5.5
debian
больше 3 лет назад

A flaw was found in Ansible Engine's ansible-connection module, where ...

github логотип

GHSA-4r65-35qq-ch8j

CVSS3: 5.5
github
больше 3 лет назад

Ansible discloses sensitive information in traceback error message

EPSS

Процентиль: 40%
0.00179
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3