what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2019-14864

Status Candidate

Overview

Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.

Related Files

Debian Security Advisory 4950-1
Posted Aug 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4950-1 - Several vulnerabilities have been found in Ansible, a configuration management, deployment and task execution system, which could result in information disclosure or argument injection. In addition a race condition in become_user was fixed.

tags | advisory, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2019-10156, CVE-2019-10206, CVE-2019-14846, CVE-2019-14864, CVE-2019-14904, CVE-2020-10684, CVE-2020-10685, CVE-2020-10729, CVE-2020-14330, CVE-2020-14332, CVE-2020-14365, CVE-2020-1733, CVE-2020-1735, CVE-2020-1739
SHA-256 | ebc20b43ab01a59fe77b2563453e04e2e0c224cd419dac6ce5d62cf99236915e
Red Hat Security Advisory 2019-4242-01
Posted Dec 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4242-01 - Red Hat Ansible Tower 3.5.4-1 - RHEL7 Container updates have been released to address a multitude of security vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-14864, CVE-2019-19340, CVE-2019-19341, CVE-2019-19342
SHA-256 | e2b55638dd441fc7e28c5b245e491a7ce76ba6e1831ca771975ba3aea570ad7e
Red Hat Security Advisory 2019-3926-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3926-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A sensitive data leak was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14864
SHA-256 | 2d4892946430a94f5060b659fc0369fa6d959a34aed1518e9a5bb10e5b7f35dc
Red Hat Security Advisory 2019-3927-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3927-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A sensitive data leak was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14864
SHA-256 | bf27351ec1ee2c70fc6959b970751f933dc9d7a05d1f93569fd76696081bdce4
Red Hat Security Advisory 2019-3928-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3928-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A sensitive data leak was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14864
SHA-256 | b8b4327a6f96d466f43320dcc6c246ed23be8c0f577d816f453d44a6b0235063
Red Hat Security Advisory 2019-3925-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3925-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A sensitive data leak was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14864
SHA-256 | c6552057631fc6104c82276e818c58ae09b99da56a12c92bbc3f09368a1201d1
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close