Vulnerability Details : CVE-2018-16859
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.
Exploit prediction scoring system (EPSS) score for CVE-2018-16859
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2018-16859
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
|
4.4
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
0.8
|
3.6
|
NIST |
|
4.2
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N |
0.6
|
3.6
|
Red Hat, Inc. |
CWE ids for CVE-2018-16859
-
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2018-16859
-
https://access.redhat.com/errata/RHSA-2018:3773
RHSA-2018:3773 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:3771
RHSA-2018:3771 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
[security-announce] openSUSE-SU-2019:1635-1: moderate: Security update f
-
https://github.com/ansible/ansible/pull/49142
split PS wrapper and payload by nitzmahone · Pull Request #49142 · ansible/ansible · GitHubPatch;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
[security-announce] openSUSE-SU-2019:1858-1: moderate: Security update f
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859
1649607 – (CVE-2018-16859) CVE-2018-16859 ansible: become password logged in plaintext when used with PowerShell on WindowsIssue Tracking;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:3772
RHSA-2018:3772 - Security Advisory - Red Hat Customer PortalIssue Tracking;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
[security-announce] openSUSE-SU-2019:1125-1: moderate: Security update f
-
http://www.securityfocus.com/bid/106004
Ansible Playbooks CVE-2018-16859 Plaintext Password Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2018:3770
RHSA-2018:3770 - Security Advisory - Red Hat Customer PortalVendor Advisory
Products affected by CVE-2018-16859
- cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*