CVE-2019-14846 in Ansibleinformazioni

Riassunto

di MITRE

Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to ansible_engine-3.5, was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsabile

Red Hat, Inc.

Prenotare

10/08/2019

Moderazione

accettato

CPE

pronto

EPSS

0.00509

KEV

no

Attività

molto basso

Fonti

Do you need the next level of professionalism?

Upgrade your account now!