CVE-2022-3644
published 2022-10-25CVE-2022-3644: The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API ()…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | ansible_automation_platform | — | — |
| redhat | satellite | — | — |
| redhat | update_infrastructure | — | — |