CVE-2021-20191

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-20191

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-20191.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-20191

Aliases

Related

Published

2021-05-26T21:15:08Z

Modified

2025-02-19T03:18:06.380461Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.

References

Affected packages

Alpine:v3.10 / ansible

Package

Name: ansible
Purl: pkg:apk/alpine/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.8.19-r0

Affected versions

0.*

0.3.1-r0

0.4-r0

0.5-r0

0.7-r0

0.7.1-r0

0.8-r0

0.9-r0

1.*

1.0-r0

1.0-r1

1.1-r0

1.1-r1

1.2-r1

1.2.1-r1

1.2.2-r0

1.2.3-r0

1.3.3-r0

1.3.4-r0

1.4.1-r0

1.4.3-r0

1.4.5-r0

1.5.0-r0

1.5.4-r0

1.5.5-r0

1.6.1-r0

1.6.5-r0

1.6.6-r0

1.6.7-r0

1.7.0-r0

1.7.1-r0

1.7.2-r0

1.8.0-r0

1.8.2-r0

1.8.4-r0

1.9.2-r0

1.9.2-r1

1.9.3-r0

1.9.3-r1

1.9.4-r0

2.*

2.0.0.2-r0

2.0.0.2-r1

2.0.1.0-r1

2.1.0.0-r0

2.1.1.0-r0

2.1.2.0-r0

2.2.0.0-r0

2.2.1.0-r0

2.2.1.0-r1

2.2.2.0-r0

2.3.0.0-r0

2.3.0.0-r1

2.3.1.0-r0

2.3.2.0-r0

2.4.0.0-r0

2.4.1.0-r0

2.4.2.0-r0

2.4.3.0-r0

2.5.0-r0

2.5.2-r0

2.5.4-r0

2.5.5-r0

2.6.0-r0

2.6.1-r0

2.6.3-r0

2.7.0-r0

2.7.0-r1

2.7.9-r0

2.7.9-r1

2.8.0-r1

2.8.1-r0

2.8.3-r0

2.8.4-r0

2.8.6-r0

2.8.8-r0

2.8.9-r0

2.8.11-r0

2.8.15-r0

2.8.16-r0

Alpine:v3.11 / ansible

Package

Name: ansible
Purl: pkg:apk/alpine/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.18-r0

Affected versions

0.*

0.3.1-r0

0.4-r0

0.5-r0

0.7-r0

0.7.1-r0

0.8-r0

0.9-r0

1.*

1.0-r0

1.0-r1

1.1-r0

1.1-r1

1.2-r1

1.2.1-r1

1.2.2-r0

1.2.3-r0

1.3.3-r0

1.3.4-r0

1.4.1-r0

1.4.3-r0

1.4.5-r0

1.5.0-r0

1.5.4-r0

1.5.5-r0

1.6.1-r0

1.6.5-r0

1.6.6-r0

1.6.7-r0

1.7.0-r0

1.7.1-r0

1.7.2-r0

1.8.0-r0

1.8.2-r0

1.8.4-r0

1.9.2-r0

1.9.2-r1

1.9.3-r0

1.9.3-r1

1.9.4-r0

2.*

2.0.0.2-r0

2.0.0.2-r1

2.0.1.0-r1

2.1.0.0-r0

2.1.1.0-r0

2.1.2.0-r0

2.2.0.0-r0

2.2.1.0-r0

2.2.1.0-r1

2.2.2.0-r0

2.3.0.0-r0

2.3.0.0-r1

2.3.1.0-r0

2.3.2.0-r0

2.4.0.0-r0

2.4.1.0-r0

2.4.2.0-r0

2.4.3.0-r0

2.5.0-r0

2.5.2-r0

2.5.4-r0

2.5.5-r0

2.6.0-r0

2.6.1-r0

2.6.3-r0

2.7.0-r0

2.7.0-r1

2.7.9-r0

2.7.9-r1

2.8.0-r1

2.8.1-r0

2.8.2-r0

2.8.3-r0

2.8.4-r0

2.8.6-r0

2.8.6-r1

2.8.6-r2

2.8.6-r3

2.9.1-r0

2.9.3-r0

2.9.6-r0

2.9.7-r0

2.9.9-r0

2.9.11-r0

2.9.13-r0

2.9.14-r0

Alpine:v3.12 / ansible

Package

Name: ansible
Purl: pkg:apk/alpine/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.18-r0

Affected versions

0.*

0.3.1-r0

0.4-r0

0.5-r0

0.7-r0

0.7.1-r0

0.8-r0

0.9-r0

1.*

1.0-r0

1.0-r1

1.1-r0

1.1-r1

1.2-r1

1.2.1-r1

1.2.2-r0

1.2.3-r0

1.3.3-r0

1.3.4-r0

1.4.1-r0

1.4.3-r0

1.4.5-r0

1.5.0-r0

1.5.4-r0

1.5.5-r0

1.6.1-r0

1.6.5-r0

1.6.6-r0

1.6.7-r0

1.7.0-r0

1.7.1-r0

1.7.2-r0

1.8.0-r0

1.8.2-r0

1.8.4-r0

1.9.2-r0

1.9.2-r1

1.9.3-r0

1.9.3-r1

1.9.4-r0

2.*

2.0.0.2-r0

2.0.0.2-r1

2.0.1.0-r1

2.1.0.0-r0

2.1.1.0-r0

2.1.2.0-r0

2.2.0.0-r0

2.2.1.0-r0

2.2.1.0-r1

2.2.2.0-r0

2.3.0.0-r0

2.3.0.0-r1

2.3.1.0-r0

2.3.2.0-r0

2.4.0.0-r0

2.4.1.0-r0

2.4.2.0-r0

2.4.3.0-r0

2.5.0-r0

2.5.2-r0

2.5.4-r0

2.5.5-r0

2.6.0-r0

2.6.1-r0

2.6.3-r0

2.7.0-r0

2.7.0-r1

2.7.9-r0

2.7.9-r1

2.8.0-r1

2.8.1-r0

2.8.2-r0

2.8.3-r0

2.8.4-r0

2.8.6-r0

2.8.6-r1

2.8.6-r2

2.8.6-r3

2.9.1-r0

2.9.2-r0

2.9.2-r1

2.9.3-r0

2.9.4-r0

2.9.5-r0

2.9.6-r0

2.9.7-r0

2.9.9-r0

2.9.11-r0

2.9.13-r0

2.9.14-r0

Alpine:v3.13 / ansible

Package

Name: ansible
Purl: pkg:apk/alpine/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.7-r0

Affected versions

2.*

2.10.1-r0

2.10.3-r0

2.10.4-r0

2.10.5-r0

2.10.6-r0

Alpine:v3.14 / ansible

Package

Name: ansible
Purl: pkg:apk/alpine/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.7-r0

Affected versions

2.*

2.10.1-r0

2.10.3-r0

2.10.4-r0

2.10.5-r0

2.10.6-r0

2.10.6-r1

Debian:11 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/ansible-collections/cisco.nxos

Affected ranges

Type: GIT
Repo: https://github.com/ansible-collections/cisco.nxos
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

73ac6a0094de7e00e186fcea1f493d3b08de5357

Type: GIT
Repo: https://github.com/ansible-collections/community.docker
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

92db288917411ee377094701e4b21cc509f99b8e

Type: GIT
Repo: https://github.com/ansible-collections/community.general
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b81ba747baf8b2361070d9877eb14011130339bc

Type: GIT
Repo: https://github.com/ansible-collections/community.network
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6330dc87b7e2184c106d01cd3af2cd2f5a173b20

Type: GIT
Repo: https://github.com/ansible-collections/google.cloud
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7b55b2268a858ed04f277aa5aedf4bb5477b18e0

Type: GIT
Repo: https://github.com/ansible/ansible
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1205ad6a1a108376654d128ac903049168bf3d35

Affected versions

0.*

0.0.1

0.0.2

0.0.3

0.01

0.1.0

0.1.1

0.1.2

0.1.3

0.1.4

0.2.0

0.3

0.7

1.*

1.0.0

1.0.1

1.0.2

1.1.0

1.2.0

1.2.1

1.2.2

1.3.0

1.3.1

1.3.2

1.3.3

1.3.4

1.3.5

v0.*

v0.0.3

v0.0.3.1

v0.0.4

v0.0.5

v0.0.6

v0.0.7

v0.0.8

v0.0.9

v0.10.0

v0.10.1

v0.10.2

v0.10.3

v1.*

v1.0

v1.0.1

v1.1

v1.1.0

v1.1.0-beta

v1.1.0-beta.1

v1.1.1

v1.1.2

v1.1.3

v1.2

v1.2.0

v1.3.0

v1.4.0

v1.5.0

v1.5.1

v1.6.0

Other

v1_last

v2.*

v2.0.0-0.1.alpha1

v2.0.0-0.2.alpha2

v2.0.0-0.3.beta1

v2.0.0-0.4.beta2

v2.0.0-0.5.beta3

v2.6.0a1

v2.7.0.a1

v2.8.0

v2.8.0a1

v2.8.0b1

v2.8.0rc1

v2.8.0rc2

v2.8.0rc3

v2.8.1

v2.8.10

v2.8.11

v2.8.12

v2.8.13

v2.8.14

v2.8.15

v2.8.16

v2.8.16rc1

v2.8.17

v2.8.17rc1

v2.8.18

v2.8.18rc1

v2.8.19rc1

v2.8.2

v2.8.3

v2.8.4

v2.8.5

v2.8.6

v2.8.7

v2.8.8

v2.8.9