VYPR

Ansible Automation Platform

by Red Hat

CVEs (24)

  • CVE-2023-4380Oct 4, 2023
    risk 0.00cvss epss 0.01

    A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and…

  • CVE-2023-4237Oct 4, 2023
    risk 0.00cvss epss 0.00

    A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality,…

  • CVE-2022-3205Sep 13, 2022
    risk 0.00cvss epss 0.00

    Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection

  • CVE-2021-3447Apr 1, 2021
    risk 0.00cvss epss 0.00

    A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the…

Page 2 of 2