Lucene search
Redhat.comRH:CVE-2018-16859HistoryOct 10, 2019 - 5:33 a.m.
CVE-2018-16859
2019-10-1005:33:52
redhat.com
access.redhat.com
14
0.0004 Low
EPSS
Percentile
5.1%
Execution of Ansible content on Microsoft’s Windows platform with Powershell 5 or higher may disclose sensitive execution details including ‘become’ passwords, Ansible module arguments, and return values via Powershell’s ‘suspicious scriptblock logging’ feature, which is enabled by default. The details are logged to the Powershell Operational log, which is visible to all authenticated users by default.
Related
nessus
nessus
RHEL 7 : ansible (RHSA-2018:3772)
2018-12-07 00:00:00
RHEL 7 : ansible (RHSA-2018:3771)
2018-12-07 00:00:00
RHEL 7 : ansible (RHSA-2018:3770)
2018-12-07 00:00:00
alpinelinux
alpinelinux
CVE-2018-16859
2018-11-29 18:29:00
cvelist
cvelist
CVE-2018-16859
2018-11-29 17:00:00
redhat
redhat
(RHSA-2018:3772) Moderate: ansible security and bug fix update
2018-12-04 18:17:34
(RHSA-2018:3771) Moderate: ansible security and bug fix update
2018-12-04 18:17:04
(RHSA-2018:3770) Moderate: ansible security and bug fix update
2018-12-04 18:16:49
osv
osv
PYSEC-2018-60
2018-11-29 18:29:00
CVE-2018-16859
2018-11-29 18:29:00
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
2022-05-14 01:14:00
veracode
veracode
Information Disclosure
2018-12-05 03:07:39
Information Disclosure
2019-01-15 09:27:01
cve
cve
CVE-2018-16859
2018-11-29 18:29:00
nvd
nvd
CVE-2018-16859
2018-11-29 18:29:00
github
github
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
2022-05-14 01:14:00
prion
prion
Code injection
2018-11-29 18:29:00
debiancve
debiancve
CVE-2018-16859
2018-11-29 18:29:00
suse
suse
Security update for ansible (moderate)
2019-08-14 00:00:00
Security update for ansible (moderate)
2019-06-27 00:00:00
Security update for ansible (moderate)
2019-04-03 00:00:00
openvas
openvas
openSUSE: Security Advisory for ansible (openSUSE-SU-2019:1635-1)
2019-06-28 00:00:00