Published: 26/07/2018 Updated: 26/01/2024

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

An input validation vulnerability was found in Ansible's mysql_user module prior to 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat ansible engine
redhat virtualization 4.1

Synopsis Important: ansible security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for ansible is now available for RHEV Engine version 41Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sy ...

Debian Bug report logs - #844691 ansible: CVE-2016-8647: in some circumstances the mysql_user module may fail to correctly change a password Package: src:ansible; Maintainer for src:ansible is Harlan Lieberman-Berg <hlieberman@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 18 Nov 2016 05 ...

An input validation vulnerability was found in Ansible's mysql_user module which may fail to correctly change a password in certain circumstances Thus the previous password would still be active when it should have been changed ...

CWE-20 https://github.com/ansible/ansible-modules-core/pull/5388 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647 https://access.redhat.com/errata/RHSA-2017:1685 https://access.redhat.com/errata/RHSA-2017:1685 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-8647

CVE-2016-8647

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect