6 matches found
Insertion of Sensitive Information into Log File in ansible
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...
RHEL 8 : RHV Engine and Host Common Packages security update [ovirt-4.4.6] (Moderate) (RHSA-2021:2180)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2180 advisory. The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to...
PYSEC-2021-106
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...
CVE-2021-20178
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...
Medium: ansible
Issue Overview: A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by nolog feature when using the snmpfacts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this...
Information Disclosure
ansible is vulnerable to information disclosure. The vulnerability exists because bitbucketpipeline credentials are not masked in the console log by default when bitbucketpipelinevariable module is in use...