A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
History

Tue, 15 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-03-03T18:23:38

Updated: 2024-10-15T17:13:51.591Z

Reserved: 2021-06-24T00:00:00

Link: CVE-2021-3620

cve-icon Vulnrichment

Updated: 2024-08-03T17:01:07.670Z

cve-icon NVD

Status : Modified

Published: 2022-03-03T19:15:08.237

Modified: 2024-11-21T06:22:00.013

Link: CVE-2021-3620

cve-icon Redhat

Severity : Important

Publid Date: 2021-06-25T00:00:00Z

Links: CVE-2021-3620 - Bugzilla