Oval Definition:oval:org.opensuse.security:def:20201753
Revision Date:2022-06-30Version:1
Title:CVE-2020-1753
Description:

A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2020-1753
SUSE-SU-2020:3309-1
Mitre CVE-2020-1753
SUSE CVE-2020-1753
SUSE-SU-2020:3309-1
openSUSE-SU-2022:0081-1
Platform(s):openSUSE Leap 15.3
openSUSE Tumbleweed
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed
  • AND Package Information
  • ansible-2.9.14-11.14 is installed
  • OR python-coverage-3.6-0.11.2 is installed
  • OR python-passlib-1.6.1-0.3.2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • AND
  • ansible-2.9.14-3.15.1 is installed
  • OR ardana-ansible-8.0+git.1596735237.54109b1-3.77.1 is installed
  • OR ardana-cinder-8.0+git.1596129856.263f430-3.43.1 is installed
  • OR ardana-glance-8.0+git.1593631779.76fa9b7-3.24.1 is installed
  • OR ardana-mq-8.0+git.1593618123.678c32b-3.26.1 is installed
  • OR ardana-nova-8.0+git.1601298847.dd01585-3.42.1 is installed
  • OR ardana-osconfig-8.0+git.1595885113.93abcbc-3.49.1 is installed
  • OR documentation-suse-openstack-cloud-installation-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-operations-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-opsconsole-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-planning-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-security-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-user-8.20201007-1.29.1 is installed
  • OR grafana-6.7.4-4.12.1 is installed
  • OR grafana-natel-discrete-panel-0.0.9-3.3.6 is installed
  • OR openstack-cinder-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-api-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-backup-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-doc-11.2.3~dev29-3.28.1 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-volume-11.2.3~dev29-3.28.2 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.15.1 is installed
  • OR openstack-neutron-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-doc-11.0.9~dev69-3.37.1 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-server-11.0.9~dev69-3.37.2 is installed
  • OR openstack-nova-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-cells-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-compute-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-conductor-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-console-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-doc-16.1.9~dev76-3.39.1 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-placement-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-scheduler-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev76-3.39.2 is installed
  • OR python-Django-1.11.29-3.19.2 is installed
  • OR python-Flask-Cors-3.0.3-3.3.1 is installed
  • OR python-Pillow-4.2.1-3.9.2 is installed
  • OR python-ardana-packager-0.0.3-7.7.2 is installed
  • OR python-cinder-11.2.3~dev29-3.28.2 is installed
  • OR python-keystoneclient-3.13.1-3.3.2 is installed
  • OR python-keystoneclient-doc-3.13.1-3.3.2 is installed
  • OR python-keystonemiddleware-4.17.1-5.3.1 is installed
  • OR python-kombu-4.1.0-3.7.1 is installed
  • OR python-neutron-11.0.9~dev69-3.37.2 is installed
  • OR python-nova-16.1.9~dev76-3.39.2 is installed
  • OR python-straight-plugin-1.5.0-1.3.1 is installed
  • OR python-urllib3-1.22-5.12.1 is installed
  • OR release-notes-suse-openstack-cloud-8.20200922-3.23.1 is installed
  • OR storm-1.2.3-3.6.1 is installed
  • OR storm-nimbus-1.2.3-3.6.1 is installed
  • OR storm-supervisor-1.2.3-3.6.1 is installed
  • OR venv-openstack-aodh-x86_64-5.1.1~dev7-12.28.1 is installed
  • OR venv-openstack-barbican-x86_64-5.0.2~dev3-12.29.1 is installed
  • OR venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.26.1 is installed
  • OR venv-openstack-cinder-x86_64-11.2.3~dev29-14.30.1 is installed
  • OR venv-openstack-designate-x86_64-5.0.3~dev7-12.27.1 is installed
  • OR venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.24.1 is installed
  • OR venv-openstack-glance-x86_64-15.0.3~dev3-12.27.1 is installed
  • OR venv-openstack-heat-x86_64-9.0.8~dev22-12.29.1 is installed
  • OR venv-openstack-horizon-x86_64-12.0.5~dev3-14.32.1 is installed
  • OR venv-openstack-ironic-x86_64-9.1.8~dev8-12.29.1 is installed
  • OR venv-openstack-keystone-x86_64-12.0.4~dev11-11.30.1 is installed
  • OR venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.28.1 is installed
  • OR venv-openstack-manila-x86_64-5.1.1~dev5-12.33.1 is installed
  • OR venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.24.1 is installed
  • OR venv-openstack-monasca-x86_64-2.2.2~dev1-11.24.1 is installed
  • OR venv-openstack-murano-x86_64-4.0.2~dev2-12.24.1 is installed
  • OR venv-openstack-neutron-x86_64-11.0.9~dev69-13.32.1 is installed
  • OR venv-openstack-nova-x86_64-16.1.9~dev76-11.30.1 is installed
  • OR venv-openstack-octavia-x86_64-1.0.6~dev3-12.29.1 is installed
  • OR venv-openstack-sahara-x86_64-7.0.5~dev4-11.28.1 is installed
  • OR venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.21.1 is installed
  • OR venv-openstack-trove-x86_64-8.0.2~dev2-11.28.1 is installed
  • OR ansible1 is affected
  • OR Package Information
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND
  • ansible-2.9.14-3.15.1 is installed
  • OR crowbar-core-5.0+git.1600432272.b3ad722f0-3.44.1 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1600432272.b3ad722f0-3.44.1 is installed
  • OR crowbar-openstack-5.0+git.1599037158.5c4d07480-4.43.1 is installed
  • OR documentation-suse-openstack-cloud-deployment-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20201007-1.29.1 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20201007-1.29.1 is installed
  • OR grafana-6.7.4-4.12.1 is installed
  • OR grafana-natel-discrete-panel-0.0.9-3.3.6 is installed
  • OR openstack-cinder-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-api-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-backup-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-doc-11.2.3~dev29-3.28.1 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev29-3.28.2 is installed
  • OR openstack-cinder-volume-11.2.3~dev29-3.28.2 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.15.1 is installed
  • OR openstack-neutron-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-doc-11.0.9~dev69-3.37.1 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2 is installed
  • OR openstack-neutron-server-11.0.9~dev69-3.37.2 is installed
  • OR openstack-nova-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-cells-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-compute-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-conductor-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-console-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-doc-16.1.9~dev76-3.39.1 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-placement-api-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-scheduler-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev76-3.39.2 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev76-3.39.2 is installed
  • OR python-Django-1.11.29-3.19.2 is installed
  • OR python-Pillow-4.2.1-3.9.2 is installed
  • OR python-cinder-11.2.3~dev29-3.28.2 is installed
  • OR python-keystoneclient-3.13.1-3.3.2 is installed
  • OR python-keystoneclient-doc-3.13.1-3.3.2 is installed
  • OR python-keystonemiddleware-4.17.1-5.3.1 is installed
  • OR python-kombu-4.1.0-3.7.1 is installed
  • OR python-neutron-11.0.9~dev69-3.37.2 is installed
  • OR python-nova-16.1.9~dev76-3.39.2 is installed
  • OR python-straight-plugin-1.5.0-1.3.1 is installed
  • OR python-urllib3-1.22-5.12.1 is installed
  • OR release-notes-suse-openstack-cloud-8.20200922-3.23.1 is installed
  • OR ruby2.1-rubygem-crowbar-client-3.9.3-1.1 is installed
  • OR storm-1.2.3-3.6.1 is installed
  • OR storm-nimbus-1.2.3-3.6.1 is installed
  • OR storm-supervisor-1.2.3-3.6.1 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • ansible-2.9.24-1.2 is installed
  • OR ansible-doc-2.9.24-1.2 is installed
  • OR ansible-test-2.9.24-1.2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ansible is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND Package Information
  • ansible-2.9.14-11.14.1 is installed
  • OR python-coverage-3.6-0.11.2.1 is installed
  • OR python-passlib-1.6.1-0.3.2.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • ansible-2.9.21-bp153.2.3.1 is installed
  • AND ansible is signed with openSUSE key
  • OR
  • ansible-doc-2.9.21-bp153.2.3.1 is installed
  • AND ansible-doc is signed with openSUSE key
  • OR
  • ansible-test-2.9.21-bp153.2.3.1 is installed
  • AND ansible-test is signed with openSUSE key
    • BACK