CVE-2018-16859 — MEDIUM (4.2)

Q: How severe is CVE-2018-16859?

CVE-2018-16859 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-16859?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Ansible Engine.

Vulnerability Description

Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.

CVSS Score

4.2

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Redhat	Ansible Engine	< 2.5.13

Related Weaknesses (CWE)

CWE-532

References

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
http://www.securityfocus.com/bid/106004Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:3770Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:3771Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:3772Issue TrackingVendor Advisory
https://access.redhat.com/errata/RHSA-2018:3773Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859Issue TrackingVendor Advisory
https://github.com/ansible/ansible/pull/49142PatchThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
http://www.securityfocus.com/bid/106004Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:3770Vendor Advisory

FAQ

What is CVE-2018-16859?

CVE-2018-16859 is a vulnerability with a CVSS score of 4.2 (MEDIUM). Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user wi...

How severe is CVE-2018-16859?

CVE-2018-16859 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-16859?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Ansible Engine.