CyberSec.Space Logo
Back to CVE Browser

CVE-2021-33924

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1920%
EPSS Percentile38.85th
PublishedSep 29, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect Access Control via its auxiliary component that allows remote attackers to access sensitive information.

Affected Platforms (CPE)

πŸ“¦
Confluent

Ansible

= 5.5.0
πŸ“¦
Confluent

Ansible

= 5.5.1
πŸ“¦
Confluent

Ansible

= 5.5.2
πŸ“¦
Confluent

Ansible

= 6.0.0

References & Advisories

πŸ”— https://confluent.io
πŸ”— https://www.detack.de/en/cve-2021-33924
πŸ”— https://confluent.io
πŸ”— https://www.detack.de/en/cve-2021-33924

Related Vulnerabilities

CVE-2017-75509.8

A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin m...

CVE-2018-168799.8

Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel setting...

CVE-2017-74819.8

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control t...

CVE-2019-151499.8

core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that ...