CVE-2016-8647
published 2018-07-26CVE-2016-8647: An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain…
medium4.9CVSS 3.1
AVNACLPRHUINSUCNIHAN
An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ansible | < ansible 2.2.0.0-4 (bookworm) | ansible 2.2.0.0-4 (bookworm) |
| red_hat | ansible | — | — |
| redhat | ansible | >= 0 < 2.2.0.0-4 | 2.2.0.0-4 |
| redhat | ansible | >= 0 < 2.2.0.0-4 | 2.2.0.0-4 |
| redhat | ansible | >= 0 < 2.2.0.0-4 | 2.2.0.0-4 |
| redhat | ansible | >= 0 < 2.2.0.0-4 | 2.2.0.0-4 |
| redhat | ansible | >= 0 < 2.2.1.0 | 2.2.1.0 |
| redhat | ansible_engine | < 2.2.1.0 | 2.2.1.0 |
| redhat | virtualization | — | — |
CVSS provenance
nvdv3.14.9MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
osv4.9MEDIUM