Back to bug 1857805
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Borja Tarraso | 2020-07-16 15:32:20 UTC | Depends On | 1857808 | |
| Borja Tarraso | 2020-07-16 15:44:06 UTC | Doc Text | A flaw was found in Ansible Tower when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data which would be exposed in the event data. Unauthorized users would be able to read this data. The impact of this flaw is confidentiality. | A flaw was found in Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data which would be exposed in the event data. Unauthorized users would be able to read this data. The impact of this flaw is confidentiality. |
| Summary | Tower: module_args does not censor properly in --check mode | Ansible: module_args does not censor properly in --check mode | ||
| Borja Tarraso | 2020-07-16 15:47:56 UTC | CC | a.badger, bcoca, dbecker, hvyas, jcammara, jjoyce, jschluet, jtanner, kbasil, kevin, lhh, lpeer, maxim, mburns, pcahyna, puebele, rhos-maint, sclewis, sdoran, slinaber, tkuratom, tvignaud, vbellur | |
| Borja Tarraso | 2020-07-16 15:48:22 UTC | Depends On | 1857817, 1857818 | |
| Guilherme de Almeida Suckevicz | 2020-07-16 19:31:06 UTC | Summary | Ansible: module_args does not censor properly in --check mode | CVE-2020-14332 Ansible: module_args does not censor properly in --check mode |
| Alias | CVE-2020-14332 | |||
| Borja Tarraso | 2020-07-17 10:02:59 UTC | CC | gsuckevi | |
| Flags | needinfo?(gsuckevi) | |||
| Guilherme de Almeida Suckevicz | 2020-07-17 13:18:43 UTC | Flags | needinfo?(gsuckevi) | |
| Matěj Cepl | 2020-07-21 08:48:50 UTC | CC | mcepl | |
| Doc Type | --- | If docs needed, set a value | ||
| Borja Tarraso | 2020-07-22 09:25:26 UTC | Depends On | 1859485 | |
| Borja Tarraso | 2020-07-22 11:01:51 UTC | Depends On | 1859535 | |
| RaTasha Tillery-Smith | 2020-07-27 17:27:24 UTC | Doc Text | A flaw was found in Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data which would be exposed in the event data. Unauthorized users would be able to read this data. The impact of this flaw is confidentiality. | A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality. |
| Borja Tarraso | 2020-08-11 07:44:25 UTC | Depends On | 1867906, 1867905 | |
| Rick Elrod | 2020-08-11 07:58:04 UTC | Status | NEW | VERIFIED |
| PnT Account Manager | 2020-09-10 21:21:17 UTC | CC | vbellur | |
| Michael Kaplan | 2020-09-11 16:08:30 UTC | Fixed In Version | ansible-engine 2.9.12, ansible-engine 2.8.14 | |
| Borja Tarraso | 2020-10-13 08:59:15 UTC | Depends On | 1874346 | |
| Borja Tarraso | 2020-10-13 09:01:24 UTC | Depends On | 1874348 | |
| Borja Tarraso | 2020-10-13 09:04:55 UTC | Depends On | 1874350 | |
| Red Hat Bugzilla | 2021-01-26 11:47:10 UTC | CC | gmainwar | |
| Red Hat Bugzilla | 2021-02-02 14:00:59 UTC | CC | jtanner | |
| Red Hat Bugzilla | 2021-04-20 07:45:10 UTC | CC | rpetrell | |
| Red Hat Bugzilla | 2021-06-22 00:27:33 UTC | CC | dbecker | |
| Red Hat Bugzilla | 2021-07-01 12:29:45 UTC | CC | puebele | |
| Lon Hohberger | 2021-07-09 17:20:24 UTC | CC | rhos-maint | |
| Red Hat Bugzilla | 2021-11-02 15:41:59 UTC | CC | notting | |
| Red Hat Bugzilla | 2021-12-15 11:50:47 UTC | CC | cmeyers | |
| Red Hat Bugzilla | 2021-12-20 17:33:26 UTC | CC | sdoran | |
| Red Hat Bugzilla | 2023-07-07 08:32:36 UTC | Assignee | security-response-team | nobody |
Back to bug 1857805