A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-04-29T15:34:08

Updated: 2024-08-03T17:30:07.863Z

Reserved: 2020-12-17T00:00:00

Link: CVE-2021-20228

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-04-29T16:15:09.737

Modified: 2023-11-07T03:29:01.053

Link: CVE-2021-20228

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-01-29T00:00:00Z

Links: CVE-2021-20228 - Bugzilla