CVE-2021-3620

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-3620
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3620.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-3620
Aliases
Downstream
Related
Published
2022-03-03T19:15:08.237Z
Modified
2026-04-16T04:32:41.440920474Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

References

Affected packages

Git / github.com/ansible/ansible

Affected ranges

Type
GIT
Repo
https://github.com/ansible/ansible
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
2685efe544c500bc5b2e3cbb0d7d594b7c81273b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e36b7130ff1c5366ab1c767641a8819d4fdf5e5f
Fixed
fe28767970c8ec62aabe493c46b53a5de1e5fac0
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.9.27"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1"
        }
    ]
}

Affected versions

0.*
0.0.1
0.01
0.3
0.7
stable-2.*
stable-2.9-branchpoint
v1.*
v1.0
v1.1
v1.2
v1.4.0
v1.6.0
Other
v1_last
v2.*
v2.0.0-0.1.alpha1
v2.0.0-0.2.alpha2
v2.0.0-0.3.beta1
v2.0.0-0.4.beta2
v2.0.0-0.5.beta3
v2.6.0a1
v2.7.0.a1
v2.8.0a1
v2.9.0
v2.9.0b1
v2.9.0rc1
v2.9.0rc2
v2.9.0rc3
v2.9.0rc4
v2.9.0rc5
v2.9.1
v2.9.10
v2.9.11
v2.9.12
v2.9.13
v2.9.14
v2.9.14rc1
v2.9.15
v2.9.15rc1
v2.9.16
v2.9.16rc1
v2.9.17
v2.9.17rc1
v2.9.18
v2.9.18rc1
v2.9.19
v2.9.19rc1
v2.9.2
v2.9.20
v2.9.20rc1
v2.9.21
v2.9.21rc1
v2.9.22
v2.9.22rc1
v2.9.23
v2.9.23rc1
v2.9.24
v2.9.24rc1
v2.9.25
v2.9.25rc1
v2.9.26
v2.9.26rc1
v2.9.27rc1
v2.9.3
v2.9.4
v2.9.5
v2.9.6
v2.9.7
v2.9.8
v2.9.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3620.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    }
]