CVE-2016-8647

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-8647
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-8647.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-8647
Aliases
Related
Published
2018-07-26T14:29:00Z
Modified
2024-11-02T04:48:53.899250Z
Severity
  • 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.

References

Affected packages

Debian:11 / ansible

Package

Name
ansible
Purl
pkg:deb/debian/ansible?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.0.0-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ansible

Package

Name
ansible
Purl
pkg:deb/debian/ansible?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.0.0-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ansible

Package

Name
ansible
Purl
pkg:deb/debian/ansible?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.0.0-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/ansible/ansible

Affected ranges

Type
GIT
Repo
https://github.com/ansible/ansible
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

0.*

0.0.1
0.0.2
0.01
0.3
0.7

v1.*

v1.0
v1.1
v1.2
v1.4.0
v1.5.0
v1.5.1
v1.6.0

Other

v1_last

v2.*

v2.0.0-0.1.alpha1
v2.0.0-0.2.alpha2
v2.0.0-0.3.beta1
v2.0.0-0.4.beta2
v2.0.0-0.5.beta3
v2.2.0.0-0.1.rc1
v2.2.0.0-0.2.rc2
v2.2.0.0-0.3.rc3
v2.2.0.0-0.4.rc4
v2.2.0.0-1
v2.2.1.0-0.1.rc1
v2.2.1.0-0.2.rc2
v2.2.1.0-0.3.rc3
v2.2.1.0-0.4.rc4
v2.2.1.0-0.5.rc5