A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and availability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-10-04T14:24:35.121Z

Updated: 2024-11-23T00:12:44.378Z

Reserved: 2023-08-16T10:02:36.139Z

Link: CVE-2023-4380

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-10-04T15:15:12.703

Modified: 2024-11-21T08:34:58.260

Link: CVE-2023-4380

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-08-16T10:05:00Z

Links: CVE-2023-4380 - Bugzilla