← back
CVE-2018-16859

CVE-2018-16859

CVSS 4.2 MEDIUMEPSS 0.5%CWE-532
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.2EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
29 Nov 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
Affected products
Red Hat · ansible

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.htmlhttps://access.redhat.com/errata/RHSA-2018:3770https://access.redhat.com/errata/RHSA-2018:3771https://access.redhat.com/errata/RHSA-2018:3772https://access.redhat.com/errata/RHSA-2018:3773https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859https://github.com/ansible/ansible/pull/49142http://www.securityfocus.com/bid/106004