CVE-2024-0690

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions ansible-core (affected versions not specified)

Description An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE NO LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Encoding or Escaping of Output

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-117CWE-116

Related Identifiers

ALSA-2024:2246

ALSA-2024:3043

ALT-PU-2024-2153

ALT-PU-2024-3465

AZL-34190

AZL-34539

BDU:2024-01561

CESA-2024_3043

CVE-2024-0690

GHSA-H24R-M9QC-PVPG

INFSA-2024_2246

INFSA-2024_3043

MGASA-2024-0239

OESA-2024-1190

OPENSUSE-SU-2024:13636-1

OPENSUSE-SU-2024:14251-1

OPENSUSE-SU-2024:14537-1

OPENSUSE-SU-2025:15638-1

OPENSUSE-SU-2025:15754-1

PYSEC-2024-36

RHSA-2024:0733

RHSA-2024:2246

RHSA-2024:3043

RHSA-2024_2246

RHSA-2024_3043

SUSE-SU-2024:1427-1

SUSE-SU-2024:1509-1

Affected Products

Alt Linux

Almalinux

Ansible-Core

Astra Linux

Centos

Red Hat

Red Os

Rocky Linux

CVE-2024-0690

Weakness Enumeration

Related Identifiers

Affected Products

References · 106