Published: 22/11/2019 Updated: 28/12/2023

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

ansible-playbook -k and ansible cli tools, all versions 2.8.x prior to 2.8.4, all 2.7.x prior to 2.7.13 and all 2.6.x prior to 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat ansible
debian debian linux 10.0
opensuse leap 15.1
opensuse backports sle 15.0

Debian Bug report logs - #933005 ansible: CVE-2019-10206 Package: src:ansible; Maintainer for src:ansible is Harlan Lieberman-Berg <hlieberman@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 25 Jul 2019 17:39:02 UTC Severity: important Tags: security, upstream Found in versions ansible/ ...

Several vulnerabilities have been found in Ansible, a configuration management, deployment and task execution system, which could result in information disclosure or argument injection In addition a race condition in become_user was fixed For the stable distribution (buster), these problems have been fixed in version 277+dfsg-1+deb10u1 We reco ...

Synopsis Moderate: Ansible security update Type/Severity Security Advisory: Moderate Topic An update for Ansible is now available for Ansible Engine 27Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which give ...

Synopsis Moderate: ansible security update Type/Severity Security Advisory: Moderate Topic An update for ansible is now available for Red Hat OpenStack Platform 130 (Queens) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sys ...

Synopsis Moderate: Ansible security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for Ansible is now available for Ansible Engine 28Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score ...

Synopsis Moderate: Ansible security update Type/Severity Security Advisory: Moderate Topic An update for Ansible is now available for Ansible Engine 26Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which give ...

Synopsis Moderate: ansible security update Type/Severity Security Advisory: Moderate Topic An update for ansible is now available for Red Hat OpenStack Platform 130 (Queens)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ...

Synopsis Moderate: ansible security update Type/Severity Security Advisory: Moderate Topic An update for ansible is now available for Red Hat OpenStack Platform 140 (Rocky)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) b ...

Synopsis Important: Ansible security and bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Ansible Engine 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which giv ...

Synopsis Important: Ansible security update Type/Severity Security Advisory: Important Topic An update is now available for Ansible Engine 26Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detai ...

Synopsis Important: Ansible security and bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Ansible Engine 27Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which g ...

Synopsis Important: Ansible security and bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Ansible Engine 28Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which g ...

Synopsis Important: OpenShift Container Platform 4114 security and bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift Container Platform 41Red Hat Product Security has rated this update as having a security impact of Important A Common Vulne ...

CWE-522 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10206 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html https://www.debian.org/security/2021/dsa-4950 https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933005 https://nvd.nist.gov https://www.debian.org/security/2021/dsa-4950

Get Started

CVE-2019-10206

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect