Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible’s amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to exploit the issue, as the module handles the parameter insecurely, resulting in the password being leaked in the logs...

A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.

...

ROS-20250812-07

A vulnerability in the amazon.aws.ec2instance module of Ansible configuration management is related to an error in the handling of the of the towercallback parameter. Exploitation of the vulnerability allows an attacker acting remotely to gain access sensitive data...

Linux Distros Unpatched Vulnerability : CVE-2022-3697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible in the amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an...

OESA-2025-1125 ansible security update

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

The vulnerability of the amazon.aws.ec2_instance configuration management module in Ansible, related to parameter processing errors, allows an attacker to access sensitive data.

The vulnerability of the amazon.aws.ec2instance configuration management module in Ansible is related to an error in parameter processing involving the towercallback. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

CLSA-2023-1691083401 Fix CVE(s): CVE-2022-3697

SECURITY UPDATE: improper handling of towercallback parameter in amazon.aws collection - debian/patches/CVE-2022-3697.patch: ec2instance - validate options on towercallback - CVE-2022-3697 Enable unit testing...

SUSE CVE-2022-3697

A flaw was found in Ansible in the amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs...

DEBIAN-CVE-2022-3697

A flaw was found in Ansible in the amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs...

UBUNTU-CVE-2022-3697

A flaw was found in Ansible in the amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs...

PT-2022-7598 · Ansible +4 · Ansible +5

Name of the Vulnerable Software and Affected Versions: Ansible affected versions not specified Description: A flaw was found in Ansible in the amazon.aws collection when using the tower callback parameter from the amazon.aws.ec2 instance module. This issue allows an attacker to take advantage of...