Fluid Attacks Database

Description

Ansible Logs Passwords If PowerShell ScriptBlock is Enabled Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
pypi	ansible	>=2.7.0a1 <2.7.3 \|\| >=0 <2.5.12 \|\| >=2.6.0a1 <2.6.9	2.7.3, 2.5.12, 2.6.9
alpine v3.9	ansible	=0.3.1-r0 \|\| =0.4-r0 \|\| =0.5-r0 \|\| =0.7-r0 \|\| =0.7.1-r0 \|\| =0.8-r0 \|\| =0.9-r0 \|\| =1.0-r0 \|\| =1.0-r1 \|\| =1.1-r0 \|\| =1.1-r1 \|\| =1.2-r1 \|\| =1.2.1-r1 \|\| =1.2.2-r0 \|\| =1.2.3-r0 \|\| =1.3.3-r0 \|\| =1.3.4-r0 \|\| =1.4.1-r0 \|\| =1.4.3-r0 \|\| =1.4.5-r0 \|\| =1.5.0-r0 \|\| =1.5.4-r0 \|\| =1.5.5-r0 \|\| =1.6.1-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.6.7-r0 \|\| =1.7.0-r0 \|\| =1.7.1-r0 \|\| =1.7.2-r0 \|\| =1.8.0-r0 \|\| =1.8.2-r0 \|\| =1.8.4-r0 \|\| =1.9.2-r0 \|\| =1.9.2-r1 \|\| =1.9.3-r0 \|\| =1.9.3-r1 \|\| =1.9.4-r0 \|\| =2.0.0.2-r0 \|\| =2.0.0.2-r1 \|\| =2.0.1.0-r1 \|\| =2.1.0.0-r0 \|\| =2.1.1.0-r0 \|\| =2.1.2.0-r0 \|\| =2.2.0.0-r0 \|\| =2.2.1.0-r0 \|\| =2.2.1.0-r1 \|\| =2.2.2.0-r0 \|\| =2.3.0.0-r0 \|\| =2.3.0.0-r1 \|\| =2.3.1.0-r0 \|\| =2.3.2.0-r0 \|\| =2.4.0.0-r0 \|\| =2.4.1.0-r0 \|\| =2.4.2.0-r0 \|\| =2.4.3.0-r0 \|\| =2.5.0-r0 \|\| =2.5.2-r0 \|\| =2.5.4-r0 \|\| =2.5.5-r0 \|\| =2.6.0-r0 \|\| =2.6.1-r0 \|\| =2.6.3-r0 \|\| =2.7.0-r0 \|\| =2.7.0-r1 \|\| >=0 <2.7.3-r0	2.7.3-r0

Aliases

1. CVE-2018-168592. NVD-2018-168593. OSV-2018-168594. OSV-ALPINE-2018-168595. GCVE-2018-168596. access.redhat.com7. access.redhat.com8. access.redhat.com9. access.redhat.com10. SECURITY-CVE-2018-16859

References

1. https://github.com/ansible/ansible/pull/491422. https://github.com/ansible/ansible/commit/0d746b4198abf84290a093b83cf02b4203d73d9f3. https://github.com/ansible/ansible/commit/2f8d3fcf41107efafc14d51ab6e14531ca8f8c874. https://github.com/ansible/ansible/commit/4d748d34f9392aa469da00a85c8e2d5fe6cec52b5. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-168596. https://github.com/ansible/ansible/blob/v2.5.13/changelogs/CHANGELOG-v2.5.rst7. https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-60.yaml8. https://web.archive.org/web/20200227102121/http://www.securityfocus.com/bid/1060049. http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html10. http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html11. http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.