Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2020/04/09 9:46 a.m.38 views

CVE-2018-16837

The User module in Ansible leaks any data which is passed on as a parameter to ssh-keygen. This could lead to undesirable situations such as passphrase credentials being passed as a parameter for the ssh-keygen executable, showing those credentials in clear text form for every user which have...

7.8CVSS3AI score0.00354EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/07/25 12:0 a.m.49 views

Ubuntu: Security Advisory (USN-4072-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.04804EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/04/03 12:0 a.m.39 views

openSUSE Security Update : ansible (openSUSE-2019-1125)

This update for ansible to version 2.7.8 fixes the following issues : Security issues fixed: - CVE-2018-16837: Fixed an information leak in user module bsc1112959. - CVE-2018-16859: Fixed an issue which clould allow logging of password in plaintext in Windows powerShell bsc1116587. - CVE-2019-382...

7.8CVSS6.8AI score0.02462EPSS
Exploits0References13
Mageia
Mageia
added 2019/03/21 4:36 p.m.45 views

Updated ansible packages fix security vulnerability

The user module leaked parameters passed to ssh-keygen to the process environment CVE-2018-16837. The fetch module was susceptible to path traversal CVE-2019-3828...

4.2CVSS2.9AI score0.00522EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/02/20 12:0 a.m.85 views

Debian DSA-4396-1 : ansible - security update

Several vulnerabilities have been found in Ansible, a configuration management, deployment, and task execution system : - CVE-2018-10855/ CVE-2018-16876 The nolog task flag wasn't honored, resulting in an information leak. - CVE-2018-10875 ansible.cfg was read from the current working directory. ...

7.8CVSS6.5AI score0.03088EPSS
Exploits0References13
OpenVAS
OpenVAS
added 2019/02/18 12:0 a.m.60 views

Debian: Security Advisory (DSA-4396-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.8AI score0.03088EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.49 views

RHEL 7 : [ansible] (RHSA-2018:3462)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3462 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does n...

7.8CVSS7.7AI score0.00354EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.36 views

RHEL 7 : [ansible] (RHSA-2018:3460)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3460 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does n...

7.8CVSS7.7AI score0.00354EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.34 views

RHEL 7 : [ansible] (RHSA-2018:3461)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3461 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does n...

7.8CVSS7.6AI score0.00354EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.38 views

RHEL 7 : [ansible] (RHSA-2018:3463)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3463 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does n...

7.8CVSS7.7AI score0.00354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/05 10:55 a.m.588 views

Moderate: Red Hat Security Advisory: [ansible] security and bug fix update

An update for ansible is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

7.8CVSS7.3AI score0.00354EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/11/05 10:55 a.m.548 views

Moderate: Red Hat Security Advisory: [ansible] security update

An update for ansible is now available for Ansible Engine 2.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.8CVSS7.3AI score0.00354EPSS
Exploits0References2
CVE
CVE
added 2018/10/23 3:0 p.m.285 views

CVE-2018-16837

CVE-2018-16837 affects Ansible; the User module leaks data passed to ssh-keygen, enabling potential exposure of credentials (e.g., passphrases) visible in a process list for users with access. The connected documents confirm this information disclosure issue and note multiple vendor advisories/pa...

7.8CVSS5.4AI score0.00354EPSS
Exploits0References14Affected Software2
UbuntuCve
UbuntuCve
added 2018/10/23 12:0 a.m.22 views

CVE-2018-16837

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just t...

7.8CVSS7.1AI score0.00354EPSS
Exploits0References4
Rows per page
Query Builder