CVE-2019-14856

MEDIUM6.4Auth bypass

JSON export Create alert

Description

ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None

CVSS breakdown

CVSS 3.0

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Affected products

Unknown / ansible2.6.20 – 2.6.20
Unknown / ansible2.8.6 – 2.8.6
Unknown / ansible2.7.14 – 2.7.14

References

VENDOR_ADVISORYhttps://access.redhat.com/errata/RHSA-2020:0756
MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html
MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html
MISChttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14856