2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
15.7%
Red Hat reports:
A flaw was found in Ansible Engine’s ansible-connection
module, where sensitive information such as the Ansible
user credentials is disclosed by default in the traceback
error message. The highest threat from this vulnerability
is to confidentiality.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | py36-ansible-core | < 2.11.6 | UNKNOWN |
FreeBSD | any | noarch | py37-ansible-core | < 2.11.6 | UNKNOWN |
FreeBSD | any | noarch | py38-ansible-core | < 2.11.6 | UNKNOWN |
FreeBSD | any | noarch | py39-ansible-core | < 2.11.6 | UNKNOWN |
FreeBSD | any | noarch | py310-ansible-core | < 2.11.6 | UNKNOWN |
FreeBSD | any | noarch | py36-ansible-base | < 2.10.15 | UNKNOWN |
FreeBSD | any | noarch | py37-ansible-base | < 2.10.15 | UNKNOWN |
FreeBSD | any | noarch | py38-ansible-base | < 2.10.15 | UNKNOWN |
FreeBSD | any | noarch | py39-ansible-base | < 2.10.15 | UNKNOWN |
FreeBSD | any | noarch | py310-ansible-base | < 2.10.15 | UNKNOWN |
access.redhat.com/security/cve/CVE-2021-3620
github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#v2-10-15
github.com/ansible/ansible/blob/stable-2.11/changelogs/CHANGELOG-v2.11.rst#v2-11-6
github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#v2-9-27
nvd.nist.gov/vuln/detail/CVE-2021-3620
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
15.7%