0.0004 Low
EPSS
Percentile
5.1%
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.
github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
github.com/ansible/ansible/commit/a0e027fe362fbc209dbeff2f72d6e95f39885c69
nvd.nist.gov/vuln/detail/CVE-2014-4658
web.archive.org/web/20210120133853/https://www.securityfocus.com/bid/68233