CVE-2021-3620
Description
A flaw was found in Ansible Engines ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.171
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-3620 are fixed in Python-ansible 2.9.27 | Windows |
| (RHSA-2021:4703) RHV Engine and Host Common Packages security update [ovirt-4.4.9] ovirt-ansible-collection-1.6.5-1.el8ev.noarch.rpm | Linux |
| Vulnerabilities CVE-2021-3620 are fixed in Python-ansible for linux 2.9.27 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234