CVE-2018-10855

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
redhatCNA
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
redhatansible_engine
2.4 ≤
𝑥
< 2.4.5
redhatansible_engine
2.5 <
𝑥
≤ 2.5.5
redhatansible_engine
2.0
redhatcloudforms
4.6
redhatvirtualization
4.0
debiandebian_linux
9.0
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
19.04
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ansible
bullseye
2.10.7+merged+base+2.10.17+dfsg-0+deb11u1
fixed
jessie
not-affected
bookworm
7.7.0+dfsg-3+deb12u1
fixed
sid
10.5.0+dfsg-2
fixed
trixie
10.5.0+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ansible
disco
not-affected
cosmic
not-affected
bionic
Fixed 2.5.1+dfsg-1ubuntu0.1
released
artful
ignored
xenial
not-affected
trusty
not-affected
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHBA-2018:3788
https://access.redhat.com/errata/RHSA-2018:1948
https://access.redhat.com/errata/RHSA-2018:1949
https://access.redhat.com/errata/RHSA-2018:2022
https://access.redhat.com/errata/RHSA-2018:2079
https://access.redhat.com/errata/RHSA-2018:2184
https://access.redhat.com/errata/RHSA-2018:2585
https://access.redhat.com/errata/RHSA-2019:0054
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855
https://usn.ubuntu.com/4072-1/
https://www.debian.org/security/2019/dsa-4396
https://access.redhat.com/errata/RHBA-2018:3788
https://access.redhat.com/errata/RHSA-2018:1948
https://access.redhat.com/errata/RHSA-2018:1949
https://access.redhat.com/errata/RHSA-2018:2022
https://access.redhat.com/errata/RHSA-2018:2079
https://access.redhat.com/errata/RHSA-2018:2184
https://access.redhat.com/errata/RHSA-2018:2585
https://access.redhat.com/errata/RHSA-2019:0054
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855
https://usn.ubuntu.com/4072-1/
https://www.debian.org/security/2019/dsa-4396