PT-2021-8094 · Ansible+3 · Ansible+4

Tapas Jena

Published

2021-01-12

Updated

2026-06-03

CVE-2021-20178

CVSS v4.0

7.1

High

Vector

AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Ansible (affected versions not specified)

Description A flaw was found in the Ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket pipeline variable module. This flaw allows an attacker to steal Bitbucket pipeline credentials. The highest threat from this vulnerability is to confidentiality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

ALT-PU-2021-1383

ALT-PU-2021-1395

ALT-PU-2021-1800

BDU:2024-06963

CVE-2021-20178

DLA-3695-1

DLA-3695-2

GHSA-WV5P-GMMV-WH9V

MGASA-2021-0131

MGASA-2021-0132

OPENSUSE-SU-2022:0081-1

OPENSUSE-SU-2022_3178-1

OPENSUSE-SU-2024:10615-1

OPENSUSE-SU-2024:14244-1

OPENSUSE-SU-2024:14536-1

OPENSUSE-SU-2025:15605-1

OPENSUSE-SU-2025:15753-1

OPENSUSE-SU-2026:10944-1

PYSEC-2021-106

RHSA-2021:0663

RHSA-2021:0664

RHSA-2021:2180

ROSA-SA-2024-2334

ROSA-SA-2024-2532

SUSE-SU-2021:2121-1

SUSE-SU-2022:3178-1

SUSE-SU-2022_3178-1

SUSE-SU-2024:0196-1

Affected Products

Alt Linux

Ansible

Ansible-Core

Astra Linux

Suse

PT-2021-8094 · Ansible+3 · Ansible+4

CVE-2021-20178

Weakness Enumeration

Related Identifiers

Affected Products

References · 245