Описание
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 9.2.0+dfsg-0ubuntu5 |
| esm-apps/bionic | released | 2.5.1+dfsg-1ubuntu0.1+esm2 |
| esm-apps/focal | released | 2.9.6+dfsg-1ubuntu0.1~esm2 |
| esm-apps/jammy | released | 2.10.7+merged+base+2.10.8+dfsg-1ubuntu0.1~esm4 |
| esm-apps/noble | not-affected | 9.2.0+dfsg-0ubuntu5 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| focal | ignored | end of standard support, was needed |
| jammy | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needs-triage | |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
| mantic | ignored | end of life, was needs-triage |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
A flaw was found in Ansible in the amazon.aws collection when using th ...
Уязвимость модуля amazon.aws.ec2_instance управления конфигурациями Ansible, связанная с ошибками обработки параметров, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
7.5 High
CVSS3