Vulnerability Details : CVE-2018-16859
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.
Products affected by CVE-2018-16859
- cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-16859
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-16859
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
|
4.4
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
0.8
|
3.6
|
NIST | |
|
4.2
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N |
0.6
|
3.6
|
Red Hat, Inc. |
CWE ids for CVE-2018-16859
-
The product writes sensitive information to a log file.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2018-16859
-
https://access.redhat.com/errata/RHSA-2018:3773
RHSA-2018:3773 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:3771
RHSA-2018:3771 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
[security-announce] openSUSE-SU-2019:1635-1: moderate: Security update f
-
https://github.com/ansible/ansible/pull/49142
split PS wrapper and payload by nitzmahone · Pull Request #49142 · ansible/ansible · GitHubPatch;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
[security-announce] openSUSE-SU-2019:1858-1: moderate: Security update f
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859
1649607 – (CVE-2018-16859) CVE-2018-16859 ansible: become password logged in plaintext when used with PowerShell on WindowsIssue Tracking;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:3772
RHSA-2018:3772 - Security Advisory - Red Hat Customer PortalIssue Tracking;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
[security-announce] openSUSE-SU-2019:1125-1: moderate: Security update f
-
http://www.securityfocus.com/bid/106004
Ansible Playbooks CVE-2018-16859 Plaintext Password Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2018:3770
RHSA-2018:3770 - Security Advisory - Red Hat Customer PortalVendor Advisory
Jump to