CVE-2024-53979

ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...

CVE-2024-53979

CVE-2024-53979 affects the ibm.ibm_zhmc Ansible collection for IBM Z HMC. The issue is that password-like properties (boot_ftp_password, ssc_master_pw, zaware_master_pw, password, bind_password) may be written in clear text to logs and, for certain modules, to module output when those inputs are ...

CVE-2024-53979 Ansible collection "ibm.ibm_zhmc" has passwords in clear text in log file and in output of some modules when specified as input

ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...

zhmc-ansible-modules 安全漏洞

zhmc-ansible-modules is an Ansible collection for IBM Z HMC open sourced by zhmcclient. A security vulnerability exists in zhmc-ansible-modules, which stems from the fact that under certain circumstances, ibm.ibmzhmc writes password-like attributes in plaintext to its log files and to the output...