Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2021:1079
HistoryApr 06, 2021 - 12:40 p.m.

(RHSA-2021:1079) Moderate: Red Hat Ansible Automation Platform Operator 1.2 security update

2021-04-0612:40:30
access.redhat.com
10
red hat ansible automation platform
security update
cve-2021-20191
cve-2021-20178
cve-2021-20180
cve-2021-20228
cve-2021-3447
container images

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.96

Percentile

99.5%

JSON

Red Hat Ansible Automation Platform Resource Operator container images
with security fixes.

Ansible Automation Platform manages Ansible Platform jobs and workflows
that can interface with any infrastructure on a Red Hat OpenShift Container
Platform cluster, or on a traditional infrastructure that is running
off-cluster.

Security fixes:

CVE-2021-20191 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1916813)

CVE-2021-20178 ansible: user data leak in snmp_facts module [ansible_automation_platform-1.2] (BZ#1914774)

CVE-2021-20180 ansible: ansible module: bitbucket_pipeline_variable exposes secured values [ansible_automation_platform-1.2] (BZ#1915808)

CVE-2021-20228 ansible: basic.py no_log with fallback option [ansible_automation_platform-1.2] (BZ#1925002)

CVE-2021-3447 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1939349)

For more details about the security issue, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Related

openvas 31
oraclelinux 6
nessus 79
amazon 7
redhat 20
centos 4
ibm 10
fedora 6
almalinux 4
mageia 2
rocky 2
f5 1
osv 8
archlinux 1
debian 4
ubuntu 4
suse 2
gentoo 2
rosalinux 2
cloudfoundry 2
ics 1
ubuntucve 1
openvas
openvas
CentOS: Security Advisory for nss (CESA-2020:4076)
2021-05-01 00:00:00
Fedora: Security Advisory for ansible (FEDORA-2021-9a0903469c)
2021-03-02 00:00:00
Mageia: Security Advisory (MGASA-2021-0132)
2022-01-28 00:00:00
oraclelinux
oraclelinux
nss and nspr security, bug fix, and enhancement update
2020-10-08 00:00:00
nss and nspr security, bug fix, and enhancement update
2020-08-04 00:00:00
libxml2 security update
2020-11-10 00:00:00
nessus
nessus
Amazon Linux AMI : nspr, nss-softokn, nss-util (ALAS-2021-1522)
2021-07-13 00:00:00
Scientific Linux Security Update : nss and nspr on SL7.x x86_64 (20201001)
2020-10-21 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : nss Multiple Vulnerabilities (NS-SA-2021-0019)
2021-03-10 00:00:00
amazon
amazon
Medium: nspr, nss-softokn, nss-util
2021-07-08 18:41:00
Medium: nspr, nss-softokn, nss-util, nss
2020-11-09 21:02:00
Medium: libxml2
2020-10-22 18:25:00
redhat
redhat
(RHSA-2020:4076) Moderate: nss and nspr security, bug fix, and enhancement update
2020-09-29 19:33:00
(RHSA-2020:4254) Moderate: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)
2020-10-14 12:50:53
(RHSA-2020:4255) Moderate: security update - Red Hat Ansible Tower 3.6 runner release (CVE-2019-18874)
2020-10-14 12:51:09
centos
centos
nspr, nss security update
2020-11-06 22:01:52
libxml2 security update
2020-10-20 18:27:26
libtiff security update
2020-10-20 18:24:55
ibm
ibm
Security Bulletin: IBM MQ Appliance is affected by multiple nss and nspr vulnerabilities
2021-01-21 09:32:12
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2019-17006, CVE-2019-17023, CVE-2020-12403)
2021-07-08 17:59:28
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in Libxml2
2021-03-11 19:45:15
fedora
fedora
[SECURITY] Fedora 32 Update: ansible-2.9.18-1.fc32
2021-03-01 17:06:17
[SECURITY] Fedora 33 Update: ansible-2.9.18-1.fc33
2021-03-01 17:02:27
[SECURITY] Fedora 30 Update: libxml2-2.9.10-3.fc30
2020-04-30 02:51:35
almalinux
almalinux
Moderate: nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
Moderate: libxml2 security update
2020-11-03 12:08:23
Moderate: nss security and bug fix update
2021-02-16 07:32:47
mageia
mageia
Updated ansible packages fix security vulnerability
2021-03-12 04:25:47
Updated ansible packages fix security vulnerability
2021-03-12 04:25:47
rocky
rocky
nss security and bug fix update
2021-02-16 07:32:47
nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
f5
f5
K61267093 : Multiple NSS vulnerabilities CVE-2020-6829, CVE-2020-12400, CVE-2020-12401, and CVE-2020-12402
2021-04-16 00:00:00
osv
osv
Moderate: nss security and bug fix update
2021-02-16 07:32:47
nss - security update
2023-02-20 00:00:00
Moderate: nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
archlinux
archlinux
[ASA-202102-9] ansible: information disclosure
2021-02-06 00:00:00
debian
debian
[SECURITY] [DLA 3327-1] nss security update
2023-02-20 15:16:03
[SECURITY] [DLA 2388-1] nss security update
2020-09-29 19:15:28
[SECURITY] [DSA 4608-1] tiff security update
2020-01-21 21:45:57
ubuntu
ubuntu
NSS vulnerabilities
2020-08-10 00:00:00
LibTIFF vulnerabilities
2019-10-17 00:00:00
libxml2 vulnerabilities
2020-02-10 00:00:00
suse
suse
Security update for libxml2 (moderate)
2020-05-23 00:00:00
Important for SUSE Manager Client Tools (important)
2022-09-08 00:00:00
gentoo
gentoo
Mozilla Network Security Service (NSS): Multiple vulnerabilities
2020-08-19 00:00:00
libxml2: Multiple vulnerabilities
2020-10-20 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2334
2024-01-30 08:40:29
Advisory ROSA-SA-2023-2223
2023-08-29 12:02:20
cloudfoundry
cloudfoundry
USN-4158-1: LibTIFF vulnerabilities | Cloud Foundry
2021-03-09 00:00:00
USN-4274-1: libxml2 vulnerabilities | Cloud Foundry
2020-02-20 00:00:00
ics
ics
Siemens SINEMA Remote Connect Server
2021-04-13 12:00:00
ubuntucve
ubuntucve
CVE-2020-6829
2020-08-05 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.96

Percentile

99.5%

JSON
Related for RHSA-2021:1079
openvas31oraclelinux6nessus79amazon7redhat20centos4ibm10fedora6almalinux4mageia2rocky2f51osv8archlinux1debian4ubuntu4suse2gentoo2rosalinux2cloudfoundry2ics1ubuntucve1