VDB

DEBIAN-CVE-2019-14864

DEBIAN-CVE-2019-14864 PUBLISHED CVSS 6.5 MEDIUM

Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Debian:11ansible0, 0, 0
Debian:13ansible0, 0, 0
Debian:12ansible0, 0, 0
Debian:14ansible0, 0, 0

Timeline

  • Jan 2, 2020 CVE Published
  • Apr 28, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›