Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ansible vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-20180
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an malicious user to steal bitbucket_pipeline credentials. The highest th...
Redhat Ansible
5.5
CVSSv3
CVE-2021-3620
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Openstack 16.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Virtualization For Ibm Power Little Endian 4.0
Redhat Openstack 1
Redhat Ansible Automation Platform Early Access 2.0
Redhat Ansible Engine
Redhat Virtualization Manager 4.4
9.8
CVSSv3
CVE-2021-33924
Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect Access Control via its auxiliary component that allows remote malicious users to access sensitive information.
Confluent Ansible 5.5.0
Confluent Ansible 5.5.1
Confluent Ansible 5.5.2
Confluent Ansible 6.0.0
5.5
CVSSv3
CVE-2021-33923
Insecure permissions in Confluent Ansible (cp-ansible) 5.5.0, 5.5.1, 5.5.2 and 6.0.0 allows local malicious users to access some sensitive information (private keys, state database).
Confluent Cp-ansible 5.5.0
Confluent Cp-ansible 5.5.1
Confluent Cp-ansible 5.5.2
Confluent Cp-ansible 6.0.0
7.1
CVSSv3
CVE-2021-3583
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special ...
Redhat Ansible Automation Platform 1.2
Redhat Ansible Tower
Redhat Ansible Engine
9.6
CVSSv3
CVE-2021-21382
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship (https://gi...
Wire Restund
NA
CVE-2021-3532
Rejected reason: This CVE is marked as INVALID and not a bug
NA
CVE-2021-3533
Rejected reason: This vulnerability does not meet the criteria for a security vulnerability
8.8
CVSSv3
CVE-2020-1716
A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this flaw to brute-force Ceph deployments, and gain administrator access to Ceph clus...
Ceph Ceph-ansible
5.5
CVSSv3
CVE-2020-14327
A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions prior to 3.6.5 and prior to 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to the connection to internal services o...
Redhat Ansible Tower
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »