Vulnerabilities > CVE-2020-14332

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

redhat

debian

NVD

Published: 2020-09-11

Updated: 2024-11-21

Summary

A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Ansible Engine 2.8.0 Redhat Ansible Engine 2.8.1 Redhat Ansible Engine 2.8.2 Redhat Ansible Engine 2.8.3 Redhat Ansible Engine 2.8.4 Redhat Ansible Engine 2.8.5 Redhat Ansible Engine 2.8.6 Redhat Ansible Engine 2.8.8 Redhat Ansible Engine 2.8.9 Redhat Ansible Engine 2.8.11 Redhat Ansible Engine 2.9.0 Redhat Ansible Engine 2.9.3 Redhat Ansible Engine 2.9.5 Redhat Ansible Engine 2.9.6 Redhat Ansible Engine 2.9.7	15
OS	Debian Debian Debian Linux 10.0	1

Vulnerabilities > CVE-2020-14332 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-14332"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-14332