Back to bug 2137664
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jill Rouleau | 2022-10-25 19:05:03 UTC | Doc Type | --- | If docs needed, set a value |
| CC | jrouleau | |||
| Mark Chappell | 2022-10-25 19:35:16 UTC | CC | mchappel | |
| Borja Tarraso | 2022-10-26 09:39:11 UTC | CC | stcannon, tfister | |
| Borja Tarraso | 2022-10-26 13:19:42 UTC | CC | jwong, kaycoth, kshier | |
| Depends On | 2137871 | |||
| RaTasha Tillery-Smith | 2022-10-26 16:19:28 UTC | Alias | CVE-2022-3697 | |
| Summary | ansible: improper handling of tower_callback parameter in amazon.aws collection | CVE-2022-3697 ansible: improper handling of tower_callback parameter in amazon.aws collection | ||
| Doc Text | A flaw was found in amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. An attacker can take advantage of this as the module is handling the parameter insecurely which would lead into the password leaked in the logs. | A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs. | ||
| Red Hat Bugzilla | 2023-01-20 05:18:44 UTC | CC | cwelton | |
| Red Hat Bugzilla | 2023-07-07 08:30:23 UTC | Assignee | security-response-team | nobody |
Back to bug 2137664