A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3874 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):

    * ansible: ansible-connection module discloses sensitive info in traceback error message     (CVE-2021-3620)

    For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE page(s)     listed in the References section.

    Additional Changes:

    This update fixes various bugs and adds enhancements.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ansible- core-2.14.2-4.el9 build changelog.

  - A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the     Ansible user credentials is disclosed by default in the traceback error message. The highest threat from     this vulnerability is to confidentiality. (CVE-2021-3620)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5315-1 advisory.

    It was discovered that Ansible did not properly manage directory permissions when running playbooks with     an unprivileged become user. A local attacker could possibly use this issue to cause a race condition,     escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04     ESM and Ubuntu 20.04 ESM. (CVE-2020-1733)

    It was discovered that the fix to address CVE-2020-1733 in Ansible was incomplete on systems using ACLs     and FUSE filesystems. A local attacker could possibly use this issue to cause a race condition, escalate     privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and     Ubuntu 20.04 ESM. (CVE-2020-10744)

    It was discovered that Ansible did not properly manage multi-line YAML strings and special template     characters. A local attacker could possibly use this issue to cause a template injection, resulting in the     disclosure of sensitive information or other unspecified impact. (CVE-2021-3583)

    It was discovered that the ansible-connection module in Ansible did not properly manage certain error     messages. A local attacker could possibly use this issue to expose sensitive information. This issue only     affected Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-3620)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3178-1 advisory.

  - A flaw was found in ansible module where credentials are disclosed in the console log by default and not     protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an     attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to     confidentiality. (CVE-2021-20178, CVE-2021-20180)

  - A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default     and not protected by no_log feature when using those modules. An attacker can take advantage of this     information to steal those credentials. The highest threat from this vulnerability is to data     confidentiality. Versions before ansible 2.9.18 are affected. (CVE-2021-20191)

  - A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not     protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows     an attacker to obtain sensitive information. The highest threat from this vulnerability is to     confidentiality. (CVE-2021-20228)

  - A flaw was found in several ansible modules, where parameters containing credentials, such as secrets,     were being logged in plain-text on managed nodes, as well as being made visible on the controller node     when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take     advantage of this information to steal those credentials, provided when they have access to the log files     containing them. The highest threat from this vulnerability is to data confidentiality. This flaw affects     Red Hat Ansible Automation Platform in versions before 1.2.2 and Ansible Tower in versions before 3.8.2.
    (CVE-2021-3447)

  - A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can     occur through facts used in the template if the user is trying to put templates in multi-line YAML strings     and the facts being handled do not routinely include special template characters. This flaw allows     attackers to perform command injection, which discloses sensitive information. The highest threat from     this vulnerability is to confidentiality and integrity. (CVE-2021-3583)

  - A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the     Ansible user credentials is disclosed by default in the traceback error message. The highest threat from     this vulnerability is to confidentiality. (CVE-2021-3620)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4750 advisory.

    The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include     redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH)     are installed using a special build of Red Hat Enterprise Linux with only the packages required to host     virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and     performing administrative tasks.

    Security Fix(es):

    * kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers()     of hid-input.c (CVE-2021-0512)

    * Ansible: ansible-connection module discloses sensitive info in traceback error message (CVE-2021-3620)

    * kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)

    * libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (CVE-2020-16135)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * Red Hat Virtualization Host now includes packages from Red Hat Enterprise Linux 8.5. (BZ#1958101)

    * Red Hat Virtualization Host now includes packages from RHGS-3.5.z on RHEL-8 Batch #5. (BZ#1975175)

    * Red Hat Virtualization Host now includes the packages needed for using Managed Block Devices via     cinderlib. (BZ#1983021)

    * Red Hat Virtualization Host now includes openvswitch related packages from Fast Data Path 21.G release.
    (BZ#1998104)

    * Previously it was not possible to upgrade RHVH to version 4.4.8 when custom VDSM hooks were installed on     RHVH. This was caused by the VDSM hooks dependency on the concrete version of VDSM. The current release     allows users to maintain the VDSM dependency manually. In other words, if you want to upgrade from VDSM     X.Y.Z to version A.B.C, you must upgrade all VDSM hooks to the same A.B.C version. (BZ#2004469)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4703 advisory.

    The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform     that allows system administrators to view and manage virtual machines. The Manager provides a     comprehensive range of features including search capabilities, resource management, live migrations, and     virtual infrastructure provisioning.

    The ovirt.ovirt package (previously ovirt-ansible-collection) manages all oVirt Ansible modules.

    The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat     Virtualization Hosted-Engine.

    otopi is a standalone, plug-in based installation framework to be used to set up system components. The     plug-in nature provides simplicity to add new installation functionality without the complexity of the     state and transaction management.

    Security Fix(es):

    * Ansible: ansible-connection module discloses sensitive info in traceback error message (CVE-2021-3620)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

     Bug Fix(es):

    * A playbook executed by Ansible Engine 2.9.25 inside a virtual machine running on Red Hat Virtualization     4.4.9 correctly detects that this is a virtual machine running on Red Hat Virtualization by using Ansible     facts. (BZ#1904085)

    * Red Hat Virtualization now supports Ansible-2.9.27 for internal usage. (BZ#2003671)

    * Previously, upgrading from Red Hat Virtualization 4.3 failed when using an isolated network during IPv6     deployment. In this release, a forward network is used instead of an isolated network during an IPv6     deployment. As a result, upgrade from Red Hat Virtualization 4.3 using IPv6 now succeeds. (BZ#1947709)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3872 advisory.

    Ansible is a simple model-driven configuration management, multi-node     deployment, and remote-task execution system. Ansible works over SSH and     does not require any software or daemons to be installed on remote nodes.
    Extension modules can be written in any language and are transferred to     managed machines automatically.

    The following packages have been upgraded to a newer upstream version:
    ansible (2.9.27)

    Bug Fix(es):
    * CVE-2021-3620 Ansible: ansible-connection module discloses sensitive info     in traceback error message

    See:
    https://github.com/ansible/ansible/blob/v2.9.27/changelogs/CHANGELOG-v2.9.rst     for details on bug fixes in this release.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3871 advisory.

    Ansible is a simple model-driven configuration management, multi-node     deployment, and remote-task execution system. Ansible works over SSH and     does not require any software or daemons to be installed on remote nodes.
    Extension modules can be written in any language and are transferred to     managed machines automatically.

    The following packages have been upgraded to a newer upstream version:
    ansible (2.9.27)

    Bug Fix(es):
    * CVE-2021-3620 Ansible: ansible-connection module discloses sensitive info     in traceback error message

    See:
    https://github.com/ansible/ansible/blob/v2.9.27/changelogs/CHANGELOG-v2.9.rst     for details on bug fixes in this release.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Red Hat reports :

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

ID	Name	Product	Family	Severity
194331	RHEL 8 : Red Hat Ansible Automation Platform 2.0.1 Security and Bug fix Release (Important) (RHSA-2021:3874)	Nessus	Red Hat Local Security Checks	medium
191220	CentOS 9 : ansible-core-2.14.2-4.el9	Nessus	CentOS Local Security Checks	medium
183136	Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Ansible vulnerabilities (USN-5315-1)	Nessus	Ubuntu Local Security Checks	high
164906	SUSE SLES15 : Important security update for SUSE Manager Client Tools (SUSE-SU-2022:3178-1)	Nessus	SuSE Local Security Checks	high
155654	RHEL 8 : Red Hat Virtualization Host security update [ovirt-4.4.9] 0-day (Important) (RHSA-2021:4750)	Nessus	Red Hat Local Security Checks	critical
155599	RHEL 8 : RHV Engine and Host Common Packages security update [ovirt-4.4.9] (Important) (RHSA-2021:4703)	Nessus	Red Hat Local Security Checks	medium
154170	RHEL 7 / 8 : Ansible security update (2.9.27) (Important) (RHSA-2021:3872)	Nessus	Red Hat Local Security Checks	medium
154169	RHEL 7 / 8 : Ansible security update (2.9.27) (Important) (RHSA-2021:3871)	Nessus	Red Hat Local Security Checks	medium
154045	FreeBSD : Ansible -- Ansible user credentials disclosure in ansible-connection module (9a8514f3-2ab8-11ec-b3a1-8c164582fbac)	Nessus	FreeBSD Local Security Checks	medium

Detections

Analytics

CVE-2021-3620

medium

Tenable Plugins

medium

medium

high

high

critical

medium

medium

medium

medium