CVE - CVE-2024-0690

CVE-ID
CVE-2024-0690	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:RHBZ#2259013 URL:https://bugzilla.redhat.com/show_bug.cgi?id=2259013 MISC:RHSA-2024:0733 URL:https://access.redhat.com/errata/RHSA-2024:0733 MISC:RHSA-2024:2246 URL:https://access.redhat.com/errata/RHSA-2024:2246 MISC:RHSA-2024:3043 URL:https://access.redhat.com/errata/RHSA-2024:3043 MISC:https://access.redhat.com/security/cve/CVE-2024-0690 URL:https://access.redhat.com/security/cve/CVE-2024-0690 MISC:https://github.com/ansible/ansible/pull/82565 URL:https://github.com/ansible/ansible/pull/82565
Assigning CNA
Red Hat, Inc.
Date Record Created
20240118	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240118)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)