vulnerability
Red Hat: CVE-2024-0690: ansible-core: possible information leak in tasks that ignore ANSIBLE_NO_LOG configuration (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:M/Au:S/C:C/I:N/A:N) | Feb 6, 2024 | May 1, 2024 | Sep 1, 2025 |
Severity
4
CVSS
(AV:L/AC:M/Au:S/C:C/I:N/A:N)
Published
Feb 6, 2024
Added
May 1, 2024
Modified
Sep 1, 2025
Description
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
Solutions
redhat-upgrade-ansible-coreredhat-upgrade-ansible-test
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.