Description
A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6Attack Vector: Local
Complexity: Low
Privileges: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Affected Packages4 packages
Also affects: Debian Linux 10.0
🔴Vulnerability Details
4GHSAInsertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible↗2022-02-09 OSVInsertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible↗2022-02-09 OSVCVE-2020-14332: A flaw was found in the Ansible Engine when using module_args↗2020-09-11 CVEListCVE-2020-14332: A flaw was found in the Ansible Engine when using module_args↗2020-09-11 📋Vendor Advisories
2Red HatAnsible: module_args does not censor properly in --check mode↗2020-07-16 DebianCVE-2020-14332: ansible - A flaw was found in the Ansible Engine when using module_args. Tasks executed wi...↗2020 💬Community
4BugzillaCVE-2020-14332 ansible: module_args does not censor properly in --check mode [openstack-rdo]↗2020-07-22 BugzillaCVE-2020-14332 ansible: module_args does not censor properly in --check mode [fedora-all]↗2020-07-16 BugzillaCVE-2020-14332 Ansible: module_args does not censor properly in --check mode↗2020-07-16 BugzillaCVE-2020-14332 ansible: module_args does not censor properly in --check mode [epel-all]↗2020-07-16