An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2017:1685 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647 | Issue Tracking Vendor Advisory |
https://github.com/ansible/ansible-modules-core/pull/5388 | Third Party Advisory |
Configurations
History
12 Feb 2023, 23:26
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed. |
02 Feb 2023, 16:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | An input validation vulnerability was found in Ansible's mysql_user module which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed. |
Information
Published : 2018-07-26 14:29
Updated : 2024-01-26 18:02
NVD link : CVE-2016-8647
Mitre link : CVE-2016-8647
CVE.ORG link : CVE-2016-8647
JSON object : View
Products Affected
redhat
- virtualization
- ansible_engine
CWE
CWE-20
Improper Input Validation