Action not permitted
Modal body text goes here.
cve-2021-3532
Vulnerability from cvelistv5
This CVE is marked as INVALID and not a bug
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-01-15T16:44:44.547Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE is marked as INVALID and not a bug"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3532",
"datePublished": "2021-06-09T11:09:03",
"dateRejected": "2024-01-15T15:50:43.309Z",
"dateReserved": "2021-05-03T00:00:00",
"dateUpdated": "2024-01-15T16:44:44.547Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-3532\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-06-09T12:15:08.097\",\"lastModified\":\"2024-01-15T17:15:08.337\",\"vulnStatus\":\"Rejected\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: This CVE is marked as INVALID and not a bug\"}],\"metrics\":{},\"references\":[]}}"
}
}
pysec-2021-125
Vulnerability from pysec
Published
2021-06-09 12:15
Modified
2024-09-10 17:21
Details
A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "ansible",
"purl": "pkg:pypi/ansible"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0",
"1.1",
"1.2",
"1.2.1",
"1.2.2",
"1.2.3",
"1.3.0",
"1.3.1",
"1.3.2",
"1.3.3",
"1.3.4",
"1.4",
"1.4.1",
"1.4.2",
"1.4.3",
"1.4.4",
"1.4.5",
"1.5",
"1.5.1",
"1.5.2",
"1.5.3",
"1.5.4",
"1.5.5",
"1.6",
"1.6.1",
"1.6.10",
"1.6.2",
"1.6.3",
"1.6.4",
"1.6.5",
"1.6.6",
"1.6.7",
"1.6.8",
"1.6.9",
"1.7",
"1.7.1",
"1.7.2",
"1.8",
"1.8.1",
"1.8.2",
"1.8.3",
"1.8.4",
"1.9.0",
"1.9.0.1",
"1.9.1",
"1.9.2",
"1.9.3",
"1.9.4",
"1.9.5",
"1.9.6",
"2.0.0",
"2.0.0.0",
"2.0.0.1",
"2.0.0.2",
"2.0.1.0",
"2.0.2.0",
"2.1.0.0",
"2.1.1.0",
"2.1.2.0",
"2.1.3.0",
"2.1.4.0",
"2.1.5.0",
"2.1.6.0",
"2.10.0",
"2.10.0a1",
"2.10.0a2",
"2.10.0a3",
"2.10.0a4",
"2.10.0a5",
"2.10.0a6",
"2.10.0a7",
"2.10.0a8",
"2.10.0a9",
"2.10.0b1",
"2.10.0b2",
"2.10.0rc1",
"2.10.1",
"2.10.2",
"2.10.3",
"2.10.4",
"2.10.5",
"2.10.6",
"2.10.7",
"2.2.0.0",
"2.2.1.0",
"2.2.2.0",
"2.2.3.0",
"2.3.0.0",
"2.3.1.0",
"2.3.2.0",
"2.3.3.0",
"2.4.0.0",
"2.4.1.0",
"2.4.2.0",
"2.4.3.0",
"2.4.4.0",
"2.4.5.0",
"2.4.6.0",
"2.5.0",
"2.5.0a1",
"2.5.0b1",
"2.5.0b2",
"2.5.0rc1",
"2.5.0rc2",
"2.5.0rc3",
"2.5.1",
"2.5.10",
"2.5.11",
"2.5.12",
"2.5.13",
"2.5.14",
"2.5.15",
"2.5.2",
"2.5.3",
"2.5.4",
"2.5.5",
"2.5.6",
"2.5.7",
"2.5.8",
"2.5.9",
"2.6.0",
"2.6.0a1",
"2.6.0a2",
"2.6.0rc1",
"2.6.0rc2",
"2.6.0rc3",
"2.6.0rc4",
"2.6.0rc5",
"2.6.1",
"2.6.10",
"2.6.11",
"2.6.12",
"2.6.13",
"2.6.14",
"2.6.15",
"2.6.16",
"2.6.17",
"2.6.18",
"2.6.19",
"2.6.2",
"2.6.20",
"2.6.3",
"2.6.4",
"2.6.5",
"2.6.6",
"2.6.7",
"2.6.8",
"2.6.9",
"2.7.0",
"2.7.0.dev0",
"2.7.0a1",
"2.7.0b1",
"2.7.0rc1",
"2.7.0rc2",
"2.7.0rc3",
"2.7.0rc4",
"2.7.1",
"2.7.10",
"2.7.11",
"2.7.12",
"2.7.13",
"2.7.14",
"2.7.15",
"2.7.16",
"2.7.17",
"2.7.18",
"2.7.2",
"2.7.3",
"2.7.4",
"2.7.5",
"2.7.6",
"2.7.7",
"2.7.8",
"2.7.9",
"2.8.0",
"2.8.0a1",
"2.8.0b1",
"2.8.0rc1",
"2.8.0rc2",
"2.8.0rc3",
"2.8.1",
"2.8.10",
"2.8.11",
"2.8.12",
"2.8.13",
"2.8.14",
"2.8.15",
"2.8.16",
"2.8.16rc1",
"2.8.17",
"2.8.17rc1",
"2.8.18",
"2.8.18rc1",
"2.8.19",
"2.8.19rc1",
"2.8.2",
"2.8.20",
"2.8.20rc1",
"2.8.3",
"2.8.4",
"2.8.5",
"2.8.6",
"2.8.7",
"2.8.8",
"2.8.9",
"2.9.0",
"2.9.0b1",
"2.9.0rc1",
"2.9.0rc2",
"2.9.0rc3",
"2.9.0rc4",
"2.9.0rc5",
"2.9.1",
"2.9.10",
"2.9.11",
"2.9.12",
"2.9.13",
"2.9.14",
"2.9.14rc1",
"2.9.15",
"2.9.15rc1",
"2.9.16",
"2.9.16rc1",
"2.9.17",
"2.9.17rc1",
"2.9.18",
"2.9.18rc1",
"2.9.19",
"2.9.19rc1",
"2.9.2",
"2.9.20",
"2.9.20rc1",
"2.9.21",
"2.9.21rc1",
"2.9.22",
"2.9.22rc1",
"2.9.23",
"2.9.23rc1",
"2.9.24",
"2.9.24rc1",
"2.9.25",
"2.9.25rc1",
"2.9.3",
"2.9.4",
"2.9.5",
"2.9.6",
"2.9.7",
"2.9.8",
"2.9.9",
"3.0.0",
"3.0.0b1",
"3.0.0rc1",
"3.1.0",
"3.2.0",
"3.3.0",
"3.4.0",
"4.0.0",
"4.0.0a1",
"4.0.0a2",
"4.0.0a3",
"4.0.0a4",
"4.0.0b1",
"4.0.0b2",
"4.0.0rc1",
"4.1.0",
"4.2.0",
"4.3.0",
"4.4.0",
"4.5.0",
"2.9.26rc1",
"2.9.26",
"4.6.0",
"2.9.27rc1",
"5.0.0a1",
"2.9.27",
"4.7.0",
"5.0.0a2",
"4.8.0",
"5.0.0a3",
"5.0.0b1",
"5.0.0b2",
"5.0.0rc1",
"4.9.0",
"5.0.0",
"5.0.1",
"4.10.0",
"5.1.0",
"5.2.0",
"5.3.0",
"5.4.0",
"5.5.0",
"5.6.0",
"6.0.0a1",
"5.7.0",
"5.7.1",
"6.0.0a2",
"6.0.0a3",
"5.8.0",
"6.0.0b1",
"6.0.0b2",
"5.9.0",
"6.0.0rc1",
"6.0.0",
"5.10.0",
"6.1.0",
"6.2.0",
"6.3.0",
"6.4.0",
"7.0.0a1",
"6.5.0",
"7.0.0a2",
"6.6.0",
"7.0.0b1",
"10.0.0",
"10.0.0a1",
"10.0.0a2",
"10.0.0a3",
"10.0.0b1",
"10.0.0rc1",
"10.0.1",
"10.1.0",
"10.2.0",
"6.7.0",
"7.0.0",
"7.0.0rc1",
"7.1.0",
"7.2.0",
"7.3.0",
"7.4.0",
"7.5.0",
"7.6.0",
"7.7.0",
"8.0.0",
"8.0.0a1",
"8.0.0a2",
"8.0.0a3",
"8.0.0b1",
"8.0.0rc1",
"8.1.0",
"8.2.0",
"8.3.0",
"8.4.0",
"8.5.0",
"8.6.0",
"8.6.1",
"8.7.0",
"9.0.0",
"9.0.0a1",
"9.0.0a2",
"9.0.0a3",
"9.0.0b1",
"9.0.0rc1",
"9.0.1",
"9.1.0",
"9.2.0",
"9.3.0",
"9.4.0",
"9.5.0",
"9.5.1",
"9.6.0",
"9.6.1",
"9.7.0",
"9.8.0",
"10.3.0",
"9.9.0",
"10.4.0",
"9.10.0"
]
}
],
"aliases": [
"CVE-2021-3532"
],
"details": "A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.",
"id": "PYSEC-2021-125",
"modified": "2024-09-10T17:21:30.397896Z",
"published": "2021-06-09T12:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956464"
}
],
"withdrawn": "2024-08-02T20:32:38Z"
}
gsd-2021-3532
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-3532",
"description": "A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.",
"id": "GSD-2021-3532",
"references": [
"https://www.suse.com/security/cve/CVE-2021-3532.html",
"https://security.archlinux.org/CVE-2021-3532"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-3532"
],
"details": "A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.",
"id": "GSD-2021-3532",
"modified": "2023-12-13T01:23:34.122161Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3532",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** This CVE is marked as INVALID and not a bug"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: This CVE is marked as INVALID and not a bug"
}
],
"id": "CVE-2021-3532",
"lastModified": "2024-01-15T17:15:08.337",
"metrics": {},
"published": "2021-06-09T12:15:08.097",
"references": [],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Rejected"
}
}
}
}
Loading...