CVE-2022-1662

Name of the Vulnerable Software and Affected Versions convert2rhel (affected versions not specified)

Description The issue concerns an ansible playbook named ansible/run-convert2rhel.yml in convert2rhel, which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. It is noted that this ansible playbook is only an example in the upstream repository and is not shipped in officially supported versions of convert2rhel.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.