Lucene search
+L

63 matches found

OSV
OSV
added 2020/05/12 6:15 p.m.5 views

PYSEC-2020-13

A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldapattr and ldapentry community modules are used. The issue...

5CVSS6.7AI score0.00406EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/05/12 5:30 p.m.23 views

CVE-2020-1746

A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldapattr and ldapentry community modules are used. The issue...

5CVSS6AI score0.00406EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/05/12 12:0 a.m.8 views

PT-2020-6568

Name of the Vulnerable Software and Affected Versions Ansible Engine versions 2.7.x through 2.7.16 Ansible Engine versions 2.8.x through 2.8.10 Ansible Engine versions 2.9.x through 2.9.6 Ansible Tower versions 3.4.5 and earlier Ansible Tower versions 3.5.5 and earlier Ansible Tower version 3.6.3...

5.1CVSS7.5AI score0.00406EPSS
Exploits0References177
OSV
OSV
added 2020/04/29 4:15 p.m.20 views

CVE-2020-12459

In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml which contain a secretkey and a bindpassword are world readable...

5.5CVSS6.7AI score0.00318EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/04/22 2:11 p.m.8 views

ansible: Information disclosure issue in ldap_attr and ldap_entry modules

A flaw was found in the Ansible Engine when the ldapattr and ldapentry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bindpw in the parameters field. The highest threat from this vulnerability is data...

5CVSS7.1AI score0.00406EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/22 2:11 p.m.12 views

ansible: Information disclosure issue in ldap_attr and ldap_entry modules

A flaw was found in the Ansible Engine when the ldapattr and ldapentry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bindpw in the parameters field. The highest threat from this vulnerability is data...

5CVSS7.1AI score0.00406EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/22 2:10 p.m.4 views

ansible: Information disclosure issue in ldap_attr and ldap_entry modules

A flaw was found in the Ansible Engine when the ldapattr and ldapentry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bindpw in the parameters field. The highest threat from this vulnerability is data...

5CVSS7.1AI score0.00406EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/22 2:10 p.m.12 views

ansible: Information disclosure issue in ldap_attr and ldap_entry modules

A flaw was found in the Ansible Engine when the ldapattr and ldapentry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bindpw in the parameters field. The highest threat from this vulnerability is data...

5CVSS7.1AI score0.00406EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/11 1:32 p.m.9 views

openshift: Bind password for AD account is stored in world readable file

An access flaw was discovered in OpenShift; the /etc/origin/master/master-config.yaml configuration file, which could contain Active Directory credentials, was world-readable. A local user could exploit this flaw to obtain authentication credentials from the master-config.yaml file...

5.5CVSS5.8AI score0.0035EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/06/04 7:34 p.m.3 views

EAP: LDAP bind password is being logged with TRACE log level

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform EAP before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled...

5.9CVSS6.2AI score0.01716EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/06/04 7:11 p.m.3 views

EAP: LDAP bind password is being logged with TRACE log level

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform EAP before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled...

5.9CVSS6.2AI score0.01716EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/06/04 6:54 p.m.10 views

EAP: LDAP bind password is being logged with TRACE log level

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform EAP before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled...

5.9CVSS6.2AI score0.01716EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/06/04 6:51 p.m.3 views

EAP: LDAP bind password is being logged with TRACE log level

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform EAP before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled...

5.9CVSS6.2AI score0.01716EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/06/04 6:42 p.m.5 views

EAP: LDAP bind password is being logged with TRACE log level

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform EAP before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled...

5.9CVSS6.2AI score0.01716EPSS
Exploits1References4
Cvelist
Cvelist
added 2015/02/10 7:0 p.m.21 views

CVE-2014-8733

Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in unspecified world-readable files under /etc/hadoop, which allows local users to obtain this password...

6.4AI score0.00318EPSS
Exploits0References1
NVD
NVD
added 2013/10/01 3:48 a.m.22 views

CVE-2013-3278

EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configuration file...

4.9CVSS5.8AI score0.00338EPSS
Exploits0References1
OSV
OSV
added 2013/10/01 3:48 a.m.6 views

CVE-2013-5572

Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldapbindpassword value in the HTML source code...

6AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2013/10/01 3:48 a.m.44 views

CVE-2013-5572

Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldapbindpassword value in the HTML source code...

3.5CVSS5.9AI score0.04111EPSS
Exploits4References2
Prion
Prion
added 2013/10/01 3:48 a.m.10 views

Design/Logic Flaw

EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configuration file...

4.9CVSS6.3AI score0.00338EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2013/10/01 3:48 a.m.4 views

CVE-2013-5572

Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldapbindpassword value in the HTML source code...

3.5CVSS5.6AI score0.04111EPSS
Exploits4References4
Rows per page
Query Builder