CVERadar

CVE-2024-8775

Medium Severity
SVRS: 30/100
CVSSv3: 5.5/10
EPSS: 0.00018/1

CVE-2024-8775 exposes sensitive data stored in Ansible Vault files because vaulted variables are handled improperly. The exposure occurs when variables are loaded with include_vars without setting no_log: true, which reveals the secrets in plaintext. The SVRS score of 30 indicates a low risk, meaning immediate action is not critical. However, the flaw can unintentionally disclose secrets such as passwords or API keys in playbook output, which can lead to unauthorized access. Although the SVRS does not make this immediately critical, administrators should still update their playbooks to prevent exposure of sensitive information. Fixing this flaw prevents security compromises by ensuring sensitive data remains protected.

Vendor-advisory
X_refsource_REDHAT
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2025-03-14

2024-09-14

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-8775 | Red Hat Discovery Ansible Vault File log file (Nessus ID 211764)
vuldb.com, 2024-11-25
A vulnerability has been found in Red Hat Discovery, Storage and Update Infrastructure for Cloud Providers and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Ansible Vault File Handler. The manipulation leads to sensitive information in log files. This vulnerability is known as CVE-2024-8775

Social Media

CVE-2024-8775 A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when … https://t.co/TvVfeJ3JrN

Affected Software

No affected software found for this CVE

References

https://access.redhat.com/security/cve/CVE-2024-8775
https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
RHBZ#2312119 - https://bugzilla.redhat.com/show_bug.cgi?id=2312119
RHSA-2024:10762 - https://access.redhat.com/errata/RHSA-2024:10762
RHSA-2024:8969 - https://access.redhat.com/errata/RHSA-2024:8969
RHSA-2024:9894 - https://access.redhat.com/errata/RHSA-2024:9894
RHSA-2025:1249 - https://access.redhat.com/errata/RHSA-2025:1249

CWE Details

CWE ID: CWE-532
CWE Name: Insertion of Sensitive Information into Log File
Description: Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
