Red Hat Ansible Playbooks Password Exposure Vulnerability

By GIXnews

A vulnerability in Red Hat Ansible could allow a local attacker to discover plaintext passwords on a targeted system.

The vulnerability is due to the plaintext exposure of “become” passwords when Ansible playbooks are executed on a Windows system with PowerShell scriptblock logging and module logging enabled. An attacker with administrator privileges could exploit this vulnerability to discover the plaintext password. A successful exploit could be used to conduct further attacks.

Red Hat has confirmed the vulnerability and released software updates.
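To identify Windows hosts where the logging conditions described above apply, the following PowerShell script reads the Group Policy registry values for script block logging and module logging and reports their state. It is an added example, not code from Red Hat, Cisco or the Ansible project; it assumes the settings are configured through policy (the HKLM and HKCU policy hives), and it is read-only.

```powershell
# Added example: report whether PowerShell script block logging and module
# logging are enabled by policy on this host. Reads the registry only.
# Assumption: logging is configured via Group Policy (machine or user hive).

$hives = @{
    Machine = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'
    User    = 'HKCU:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'
}

$features = @{
    ScriptBlockLogging = 'EnableScriptBlockLogging'
    ModuleLogging      = 'EnableModuleLogging'
}

function Test-PolicyFlag {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $Name
    )
    # A missing key or value means the policy is not configured; treat as off.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $false }
    return ($item.$Name -eq 1)
}

# One row per (hive, feature) so the result can be exported or aggregated.
$report = foreach ($hive in $hives.GetEnumerator()) {
    foreach ($feature in $features.GetEnumerator()) {
        [pscustomobject]@{
            ComputerName = $env:COMPUTERNAME
            Scope        = $hive.Key
            Feature      = $feature.Key
            Enabled      = Test-PolicyFlag -Path (Join-Path $hive.Value $feature.Key) -Name $feature.Value
        }
    }
}

$report | Sort-Object Scope, Feature | Format-Table -AutoSize

# Hosts where either feature is enabled are the ones to review for
# "become" password rotation after the Ansible update is applied.
if ($report | Where-Object Enabled) {
    Write-Output "$env:COMPUTERNAME: PowerShell logging enabled by policy; review become credentials used against this host."
}
```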

Security Impact Rating: Medium

CVE: CVE-2018-16859

Source: Cisco Multivendor Vulnerability Alerts