CVE-2021-20191

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.

CVSS v3 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1916813	Issue Tracking Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:virtualization:4.0:::::::*
	cpe:2.3:a:redhat:ansible::::::::
	cpe:2.3:a:redhat:ansible::::::::
	cpe:2.3:a:redhat:ansible::::::::
	cpe:2.3:a:redhat:ansible_tower:3.0:::::::*
	cpe:2.3:a:redhat:cisco_nx-os_collection::::::::
	cpe:2.3:a:redhat:community_general_collection::::::ansible::*
	cpe:2.3:a:redhat:community_general_collection::::::ansible::*
	cpe:2.3:a:redhat:community_network_collection::::::ansible::*
	cpe:2.3:a:redhat:community_network_collection::::::ansible::*
	cpe:2.3:a:redhat:docker_community_collection::::::ansible::*
	cpe:2.3:a:redhat:google_cloud_platform_ansible_collection:1.0.2:::::::*

History

No history.

Information

Published : 2021-05-26 21:15

Updated : 2023-12-28 19:15

NVD link : CVE-2021-20191

Mitre link : CVE-2021-20191

CVE.ORG link : CVE-2021-20191

JSON object : View

Products Affected

redhat

community_general_collection
docker_community_collection
ansible
ansible_tower
cisco_nx-os_collection
community_network_collection
google_cloud_platform_ansible_collection

oracle

virtualization

CWE

CWE-532

Insertion of Sensitive Information into Log File

{"id": "CVE-2021-20191", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2021-05-26T21:15:08.193", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en ansible. Las credenciales, como los secretos, son divulgadas en el registro de la consola por defecto y no est\u00e1n protegidas por la funci\u00f3n no_log cuando son usados esos m\u00f3dulos. Un atacante puede tomar ventaja de esta informaci\u00f3n para robar esas credenciales. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos. Las versiones anteriores a ansible versi\u00f3n 2.9.18 est\u00e1n afectadas"}], "lastModified": "2023-12-28T19:15:12.460", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:virtualization:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A303983A-E6D6-4CBC-B2DC-0293EFB623AC"}, {"criteria": "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5863EEF1-48B9-4DCC-A34C-5881E5588C19", "versionEndExcluding": "2.8.19"}, {"criteria": "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D02759E-9C13-45D9-B86D-282A1150AF9B", "versionEndExcluding": "2.9.18", "versionStartIncluding": "2.9.0"}, {"criteria": "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17362C62-F75B-456C-9E10-475DF200937E", "versionEndExcluding": "2.10.7", "versionStartIncluding": "2.10.0"}, {"criteria": "cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B31C575C-06D2-4CAF-A5B7-B9469B3ED55F"}, {"criteria": "cpe:2.3:a:redhat:cisco_nx-os_collection:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F583BB1E-C512-4101-8E08-8BAEEBA919AE", "versionEndExcluding": "1.4.0"}, {"criteria": "cpe:2.3:a:redhat:community_general_collection:*:*:*:*:*:ansible:*:*", "vulnerable": true, "matchCriteriaId": "059C2063-6AFB-4741-91BA-03869574A93F", "versionEndExcluding": "1.3.6"}, {"criteria": "cpe:2.3:a:redhat:community_general_collection:*:*:*:*:*:ansible:*:*", "vulnerable": true, "matchCriteriaId": "C91F2FC2-9231-423E-89B1-6DC68F56C58E", "versionEndExcluding": "2.0.1", "versionStartIncluding": "2.0.0"}, {"criteria": "cpe:2.3:a:redhat:community_network_collection:*:*:*:*:*:ansible:*:*", "vulnerable": true, "matchCriteriaId": "D81319F0-E840-4A76-B2B4-21F8F6E9535D", "versionEndExcluding": "1.3.2"}, {"criteria": "cpe:2.3:a:redhat:community_network_collection:*:*:*:*:*:ansible:*:*", "vulnerable": true, "matchCriteriaId": "2DFEB5AE-7E63-417A-ADA5-D7FF03E3BDD9", "versionEndExcluding": "2.0.1", "versionStartIncluding": "2.0.0"}, {"criteria": "cpe:2.3:a:redhat:docker_community_collection:*:*:*:*:*:ansible:*:*", "vulnerable": true, "matchCriteriaId": "4C27F139-C636-47E1-8BA4-6487DE2F0801", "versionEndExcluding": "1.2.2"}, {"criteria": "cpe:2.3:a:redhat:google_cloud_platform_ansible_collection:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D000027-CB3B-4465-B0B6-546B334A8D58"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}