{"containers": {"cna": {"affected": [{"product": "ansible", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "ansible-engine versions 2.7.x before 2.7.17"}, {"status": "affected", "version": "ansible-engine versions 2.8.x before 2.8.11"}, {"status": "affected", "version": "ansible-engine versions 2.9.x before 2.9.7"}, {"status": "affected", "version": "Ansible Tower <= 3.4.5"}, {"status": "affected", "version": "Ansible Tower <= 3.5.5"}, {"status": "affected", "version": "Ansible Tower <= 3.6.3"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-07T14:06:11", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ansible/ansible/pull/67866"}, {"name": "DSA-4950", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2021/dsa-4950"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-1746", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ansible", "version": {"version_data": [{"version_value": "ansible-engine versions 2.7.x before 2.7.17"}, {"version_value": "ansible-engine versions 2.8.x before 2.8.11"}, {"version_value": "ansible-engine versions 2.9.x before 2.9.7"}, {"version_value": "Ansible Tower <= 3.4.5"}, {"version_value": "Ansible Tower <= 3.5.5"}, {"version_value": "Ansible Tower <= 3.6.3"}]}}]}, "vendor_name": "Red Hat"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality."}]}, "impact": {"cvss": [[{"vectorString": "5.0/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746"}, {"name": "https://github.com/ansible/ansible/pull/67866", "refsource": "CONFIRM", "url": "https://github.com/ansible/ansible/pull/67866"}, {"name": "DSA-4950", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4950"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:46:31.070Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ansible/ansible/pull/67866"}, {"name": "DSA-4950", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2021/dsa-4950"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-1746", "datePublished": "2020-05-12T17:30:47", "dateReserved": "2019-11-27T00:00:00", "dateUpdated": "2024-08-04T06:46:31.070Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C0375B0-E0E4-4132-B985-2DB223E70D83", "versionEndExcluding": "2.7.17", "versionStartIncluding": "2.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "8700FFBF-0D48-4633-AAB2-DB49729D92C6", "versionEndExcluding": "2.8.11", "versionStartIncluding": "2.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CB17437-BAA5-41DF-B0EB-857441A81804", "versionEndExcluding": "2.9.7", "versionStartIncluding": "2.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5C0F920-A505-452D-AFAA-AE6C20FB25EF", "versionEndIncluding": "3.4.5", "versionStartIncluding": "3.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2062F74-68D8-4E75-BC69-6038B519F823", "versionEndIncluding": "3.5.5", "versionStartIncluding": "3.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", "matchCriteriaId": "342D4A63-0972-413B-BD65-0495DBF1CDFB", "versionEndIncluding": "3.6.3", "versionStartIncluding": "3.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality."}, {"lang": "es", "value": "Se detect\u00f3 un fallo en el Ansible Engine que afectaba a las versiones 2.7.x anteriores a 2.7.17 y versiones 2.8.x anteriores a 2.8.11 y versiones 2.9.x anteriores a 2.9.7 as\u00ed como en Ansible Tower versiones anteriores e incluyendo a 3.4.5 y 3.5.5 y 3.6.3, cuando son usados los m\u00f3dulos de la comunidad ldap_attr y ldap_entry. El problema revela la contrase\u00f1a de enlace de LDAP en stdout o un archivo de registro si una tarea del playbook se escribe usando el bind_pw en el campo parameters. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos."}], "id": "CVE-2020-1746", "lastModified": "2023-11-07T03:19:32.580", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2020-05-12T18:15:13.600", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/ansible/ansible/pull/67866"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4950"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Felix Fountein for reporting this issue.", "affected_release": [{"advisory": "RHSA-2020:1544", "cpe": "cpe:/a:redhat:ansible_engine:2.7::el7", "impact": "low", "package": "ansible-0:2.7.17-1.el7ae", "product_name": "Red Hat Ansible Engine 2.7 for RHEL 7", "release_date": "2020-04-22T00:00:00Z"}, {"advisory": "RHSA-2020:1543", "cpe": "cpe:/a:redhat:ansible_engine:2.8::el7", "impact": "low", "package": "ansible-0:2.8.11-1.el7ae", "product_name": "Red Hat Ansible Engine 2.8 for RHEL 7", "release_date": "2020-04-22T00:00:00Z"}, {"advisory": "RHSA-2020:1543", "cpe": "cpe:/a:redhat:ansible_engine:2.8::el8", "impact": "low", "package": "ansible-0:2.8.11-1.el8ae", "product_name": "Red Hat Ansible Engine 2.8 for RHEL 8", "release_date": "2020-04-22T00:00:00Z"}, {"advisory": "RHSA-2020:1541", "cpe": "cpe:/a:redhat:ansible_engine:2.9::el7", "impact": "low", "package": "ansible-0:2.9.7-1.el7ae", "product_name": "Red Hat Ansible Engine 2.9 for RHEL 7", "release_date": "2020-04-22T00:00:00Z"}, {"advisory": "RHSA-2020:1541", "cpe": "cpe:/a:redhat:ansible_engine:2.9::el8", "impact": "low", "package": "ansible-0:2.9.7-1.el8ae", "product_name": "Red Hat Ansible Engine 2.9 for RHEL 8", "release_date": "2020-04-22T00:00:00Z"}, {"advisory": "RHSA-2020:1542", "cpe": "cpe:/a:redhat:ansible_engine:2::el7", "impact": "low", "package": "ansible-0:2.9.7-1.el7ae", "product_name": "Red Hat Ansible Engine 2 for RHEL 7", "release_date": "2020-04-22T00:00:00Z"}, {"advisory": "RHSA-2020:1542", "cpe": "cpe:/a:redhat:ansible_engine:2::el8", "impact": "low", "package": "ansible-0:2.9.7-1.el8ae", "product_name": "Red Hat Ansible Engine 2 for RHEL 8", "release_date": "2020-04-22T00:00:00Z"}, {"advisory": "RHBA-2020:0547", "cpe": "cpe:/a:redhat:ansible_tower:3.4::el7", "impact": "low", "package": "ansible-tower-34/ansible-tower-memcached:1.4.15-28", "product_name": "Red Hat Ansible Tower 3.4 for RHEL 7", "release_date": "2020-02-18T00:00:00Z"}, {"advisory": "RHBA-2020:0547", "cpe": "cpe:/a:redhat:ansible_tower:3.4::el7", "impact": "low", "package": "ansible-tower-35/ansible-tower-memcached:1.4.15-28", "product_name": "Red Hat Ansible Tower 3.4 for RHEL 7", "release_date": "2020-02-18T00:00:00Z"}, {"advisory": "RHBA-2020:0547", "cpe": "cpe:/a:redhat:ansible_tower:3.4::el7", "impact": "low", "package": "ansible-tower-37/ansible-tower-memcached-rhel7:1.4.15-28", "product_name": "Red Hat Ansible Tower 3.4 for RHEL 7", "release_date": "2020-02-18T00:00:00Z"}, {"advisory": "RHBA-2020:1539", "cpe": "cpe:/a:redhat:ansible_tower:3.5::el7", "impact": "low", "package": "ansible-tower-35/ansible-tower:3.5.6-1", "product_name": "Red Hat Ansible Tower 3.5 for RHEL 7", "release_date": "2020-04-22T00:00:00Z"}], "bugzilla": {"description": "ansible: Information disclosure issue in ldap_attr and ldap_entry modules", "id": "1805491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805491"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", "A flaw was found in the Ansible Engine when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality."], "mitigation": {"lang": "en:us", "value": "Using args keyword and embedding the ldap_auth variable instead of using bind_pw parameter would mitigate this issue."}, "name": "CVE-2020-1746", "package_state": [{"cpe": "cpe:/a:redhat:cloudforms_managementengine:5", "fix_state": "Not affected", "impact": "low", "package_name": "ansible", "product_name": "CloudForms Management Engine 5"}, {"cpe": "cpe:/a:redhat:ceph_storage:2", "fix_state": "Out of support scope", "impact": "low", "package_name": "ansible", "product_name": "Red Hat Ceph Storage 2"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Affected", "impact": "low", "package_name": "ansible", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Out of support scope", "impact": "low", "package_name": "ansible", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Will not fix", "package_name": "ansible", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Will not fix", "impact": "low", "package_name": "ansible", "product_name": "Red Hat Storage 3"}], "public_date": "2020-02-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-1746\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-1746"], "statement": "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n* Red Hat Gluster Storage and Red Hat Ceph Storage no longer maintains their own version of Ansible. The fix will be provided from core Ansible. But we still ship ansible separately for ceph ubuntu.\n* In Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", "threat_severity": "Moderate", "upstream_fix": "ansible-engine 2.7.17, ansible-engine 2.8.11, ansible-engine 2.9.7"}