A flaw was found in Ansible in the amazon.aws collection when using the tower_callback
parameter from the amazon.aws.ec2_instance
module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
{ "nvd_published_at": "2022-10-28T16:15:00Z", "cwe_ids": [ "CWE-233" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-01-24T23:11:22Z" }