CVE-2025-2877 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed…
Medium CVSS: 6.5

CVE-2025-2877

A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams.
Vendor
-
Product
-
CWE
CWE-1295
Yayın Tarihi
2025-03-28 14:15:21
Güncelleme
2026-03-20 18:16:12
Source Identifier
secalert@redhat.com
KEV Date Added
-

Kategoriler

CWE-1295 MEDIUM 2025

Referanslar

https://access.redhat.com/errata/RHSA-2025:3636 https://access.redhat.com/errata/RHSA-2025:3637 https://access.redhat.com/security/cve/CVE-2025-2877 https://bugzilla.redhat.com/show_bug.cgi?id=2355540 https://github.com/ansible/ansible-rulebook/pull/767