Lucene search
Veracode Vulnerability DatabaseVERACODE:13192HistoryJan 15, 2019 - 9:27 a.m.
Information Disclosure
2019-01-1509:27:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.0004 Low
EPSS
Percentile
5.1%
Ansible is vulnerable to information disclosure. On Windows platforms, passwords are logged in plaintext in the event logs when PowerShell ScriptBlock and Module logging are enabled. A local user with administrator privileges will be able to view these logs and discover plaintext passwords.
Related
nessus
nessus
RHEL 7 : ansible (RHSA-2018:3772)
2018-12-07 00:00:00
RHEL 7 : ansible (RHSA-2018:3773)
2018-12-07 00:00:00
RHEL 7 : ansible (RHSA-2018:3771)
2018-12-07 00:00:00
alpinelinux
alpinelinux
CVE-2018-16859
2018-11-29 18:29:00
osv
osv
PYSEC-2018-60
2018-11-29 18:29:00
CVE-2018-16859
2018-11-29 18:29:00
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
2022-05-14 01:14:00
redhatcve
redhatcve
CVE-2018-16859
2019-10-10 05:33:52
veracode
veracode
Information Disclosure
2018-12-05 03:07:39
redhat
redhat
(RHSA-2018:3771) Moderate: ansible security and bug fix update
2018-12-04 18:17:04
(RHSA-2018:3770) Moderate: ansible security and bug fix update
2018-12-04 18:16:49
(RHSA-2018:3772) Moderate: ansible security and bug fix update
2018-12-04 18:17:34
cve
cve
CVE-2018-16859
2018-11-29 18:29:00
cvelist
cvelist
CVE-2018-16859
2018-11-29 17:00:00
nvd
nvd
CVE-2018-16859
2018-11-29 18:29:00
github
github
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
2022-05-14 01:14:00
prion
prion
Code injection
2018-11-29 18:29:00
debiancve
debiancve
CVE-2018-16859
2018-11-29 18:29:00
suse
suse
Security update for ansible (moderate)
2019-08-14 00:00:00
Security update for ansible (moderate)
2019-06-27 00:00:00
Security update for ansible (moderate)
2019-04-03 00:00:00
openvas
openvas
openSUSE: Security Advisory for ansible (openSUSE-SU-2019:1635-1)
2019-06-28 00:00:00