Information disclosure in Red Hat Ansible
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-16876 |
| CWE-ID | CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Ansible Server applications / Remote management servers, RDP, SSH |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Information disclosure
EUVDB-ID: #VU16629
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-16876
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to the affected software does not honor the no_log flag for failed tasks with vvv+ mode enabled. A remote attacker can send a specially crafted request to a targeted system via a connection plug-in that is designed to trigger connection exceptions, which could cause task information to be logged and access sensitive information, which could be used to conduct further attacks.
MitigationThe vulnerability has been fixed in the versions 2.5.14, 2.6.11, and 2.7.5.
Vulnerable software versionsAnsible: 2.5.0 rc1 - 2.7.4
CPE2.3- cpe:2.3:a:red_hat:ansible:2.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:ansible:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:ansible:2.7.4:*:*:*:*:*:*:*
https://access.redhat.com/security/cve/cve-2018-16876
https://github.com/ansible/ansible/pull/49569
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
