CVE-2021-3532

Rejected reason: This CVE is marked as INVALID and not a bug

CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

15 Jan 2024, 17:15

Type	Values Removed	Values Added
Summary	~~Rejected reason: REJECT , CVE-2021-3532. Reason: This record is a invalid and marked as NOT A BUG. All references and descriptions in this record have been removed to prevent accidental usage.~~	Rejected reason: This CVE is marked as INVALID and not a bug

15 Jan 2024, 16:15

Type	Values Removed	Values Added
CPE	cpe:2.3:a:redhat:ansible_engine:2.0:::::::* cpe:2.3:a:redhat:ansible_tower:3.0:::::::* cpe:2.3:o:fedoraproject:fedora:34:::::::* cpe:2.3:a:redhat:ansible_tower:3.7.0:::::::* cpe:2.3:a:redhat:ansible_automation_platform:1.2:::::::* cpe:2.3:a:redhat:openstack-rdo:-:::::::* cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
CVSS	v2 : ~~4.3~~ v3 : ~~5.5~~	v2 : unknown v3 : unknown
References	~~{'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1956464', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1956464', 'tags': ['Issue Tracking', 'Third Party Advisory'], 'refsource': 'MISC'}~~
Summary	A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.	Rejected reason: REJECT , CVE-2021-3532. Reason: This record is a invalid and marked as NOT A BUG. All references and descriptions in this record have been removed to prevent accidental usage.
CWE	~~CWE-732~~

Information

Published : 2021-06-09 12:15

Updated : 2024-04-16 17:02

NVD link : CVE-2021-3532

Mitre link : CVE-2021-3532

CVE.ORG link : CVE-2021-3532

JSON object : View

Products Affected

No product.

CWE

No CWE.