Home > Vulnerability Database > CVE-2023-4380

Mend.io Vulnerability Database

CVE-2023-4380

Date: October 4, 2023

A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and availability.

Severity Score

6.3

Related Resources (6)

Url: https://access.redhat.com/security/cve/CVE-2023-4380

Url: https://access.redhat.com/errata/RHSA-2023:4693

Url: https://security-tracker.debian.org/tracker/CVE-2023-4380

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-4380

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2232324

Url: https://www.mend.io/vulnerability-database/CVE-2023-4380

Severity Score

6.3

Weakness Type (CWE)

Information Exposure Through Log Files

CWE-532

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2023-4380

Date: October 4, 2023

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?