CVE-2019-10206

Summary

ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.

Affected Software

VendorProductVersion RangeStatus
Red HatAnsibleall 2.8.x before 2.8.4affected
Red HatAnsibleall 2.7.x before 2.7.13affected
Red HatAnsibleall 2.6.x before 2.6.19affected

Weaknesses

  • CWE-522: CWE-522

ADP Enrichment

CVE Program Container

Additional References

References