{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "REJECTED", "cveId": "CVE-2017-7473", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2025-02-13T15:46:11.559Z", "dateRejected": "2023-02-12T00:00:00.000Z", "dateReserved": "2017-04-05T00:00:00.000Z", "datePublished": "2017-07-21T22:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-02-12T00:00:00.000Z"}, "rejectedReasons": [{"lang": "en", "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA based off of CNT 3. Further investigation determined that there was a secure method for using the directive. Notes: none."}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA based off of CNT 3. Further investigation determined that there was a secure method for using the directive. Notes: none."}], "id": "CVE-2017-7473", "lastModified": "2023-11-07T02:50:09.917", "metrics": {}, "published": "2017-07-21T22:29:00.207", "references": [], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Rejected"}

{"acknowledgement": "This issue was discovered by David Moreau Simard (Red Hat).", "bugzilla": {"description": "ansible: Potential information disclosure via no_log directive", "id": "1440912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440912"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-212", "details": ["Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the no_log directive (information may not be sanitized properly)."], "name": "CVE-2017-7473", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Under investigation", "package_name": "ansible", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openshift:3", "fix_state": "Affected", "package_name": "ansible", "product_name": "Red Hat OpenShift Enterprise 3"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Will not fix", "package_name": "ansible", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:11", "fix_state": "Will not fix", "package_name": "ansible", "product_name": "Red Hat OpenStack Platform 11 (Ocata)"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Will not fix", "package_name": "ansible", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:rhscon:2", "fix_state": "Will not fix", "package_name": "ansible", "product_name": "Red Hat Storage Console 2"}], "public_date": "2017-04-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-7473\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-7473"], "statement": "Ansible Security Team and Red Hat Product Security determined that this is not a vulnerability."}

{}