CVE-2019-14864

Description

Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.

CVSS Version 3.0

redhat
CVE ID: CVE-2019-14864
Base Score: 5.7
Base Severity: MEDIUM
Vector String:CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Refrence: MITRE

Description​

Description