---

CVE-2021-20191 - log back

CVE-2021-20191 edited at 27 Jan 2021 14:03:04
References	https://bugzilla.redhat.com/show_bug.cgi?id=1916813 https://github.com/ansible-collections/cisco.nxos/pull/227 + https://github.com/ansible-collections/cisco.nxos/commit/120956963f47502151a358e4a7bc2a87f71813aa

CVE-2021-20191 edited at 18 Jan 2021 18:13:19
References	https://bugzilla.redhat.com/show_bug.cgi?id=1916813 + https://github.com/ansible-collections/cisco.nxos/pull/227

CVE-2021-20191 edited at 15 Jan 2021 16:33:47
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Information disclosure
Description	+ A flaw was found in ansible-collection where credentials such as secrets are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1916813

CVE-2021-20191 created at 15 Jan 2021 16:33:01
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes