CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-3620 – Ansible: ansible-connection module discloses sensitive info in traceback error message
https://notcve.org/view.php?id=CVE-2021-3620
15 Oct 2021 — A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality. Se ha encontrado un fallo en el módulo ansible-connection de Ansible Engine, en el que información confidencial, como las credenciales de usuario de Ansible, es revelado por defecto en el mensaje de error de rastreo. La mayor amenaza de esta vulnerabilidad es l... • https://bugzilla.redhat.com/show_bug.cgi?id=1975767 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-3583 – ansible: Template Injection through yaml multi-line strings with ansible facts used in template.
https://notcve.org/view.php?id=CVE-2021-3583
07 Jul 2021 — A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity. Se encontró una falla en Ansible, donde ... • https://bugzilla.redhat.com/show_bug.cgi?id=1968412 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2020-10729 – Debian Security Advisory 4950-1
https://notcve.org/view.php?id=CVE-2020-10729
27 May 2021 — A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6. Se encontró un fallo en el uso de valores insuficientemente aleatorios en Ansible. • https://bugzilla.redhat.com/show_bug.cgi?id=1831089 • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-20228 – ansible: basic.py no_log with fallback option
https://notcve.org/view.php?id=CVE-2021-20228
25 Feb 2021 — A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo en Ansible Engine versión 2.9.18, donde la información confidencial no está enmascarada por defecto y no está protegida por la funcionalidad no_log cuando se usa la func... • https://bugzilla.redhat.com/show_bug.cgi?id=1925002 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-14330 – Ansible: masked keys for uri module are exposed into content and json output
https://notcve.org/view.php?id=CVE-2020-14330
11 Sep 2020 — An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality. Se encontró un fallo de Neutralización de Salida Inapropiada para Registros en Ansible al usar el módulo uri, donde los datos confidenci... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2020-14365 – ansible: dnf module install packages with no GPG signature
https://notcve.org/view.php?id=CVE-2020-14365
02 Sep 2020 — A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability. Se encontr... • https://bugzilla.redhat.com/show_bug.cgi?id=1869154 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-10685 – Ansible: modules which use files encrypted with vault are not properly cleaned up
https://notcve.org/view.php?id=CVE-2020-10685
22 Apr 2020 — A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only clear... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10685 • CWE-459: Incomplete Cleanup •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2020-1753 – Ansible: kubectl connection plugin leaks sensitive information
https://notcve.org/view.php?id=CVE-2020-1753
16 Mar 2020 — A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect ma... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-214: Invocation of Process Using Visible Sensitive Information CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1737 – ansible: Extract-Zip function in win_unzip module does not check extracted path
https://notcve.org/view.php?id=CVE-2020-1737
09 Mar 2020 — A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10. Se detectó un fallo en Ansible versiones 2.7.17 y anteriores, versiones 2.8.9 y anteriores, y versiones 2.9.6 y anteriores, cuando se... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1734
https://notcve.org/view.php?id=CVE-2020-1734
03 Mar 2020 — A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts. Se encontró un fallo en el plugin pipe lookup de ansible. Los comandos arbitrarios se pueden ejecutar, cuando el plugin pipe lookup utiliza la función subprocess.Popen() con shell=True,... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •