CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-33924

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1920%
EPSS Percentile38.85th
Published2021年9月29日
Last Modified2024年11月21日

Vulnerability Description

Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect Access Control via its auxiliary component that allows remote attackers to access sensitive information.

Affected Platforms (CPE)

📦
Confluent

Ansible

= 5.5.0
📦
Confluent

Ansible

= 5.5.1
📦
Confluent

Ansible

= 5.5.2
📦
Confluent

Ansible

= 6.0.0

References & Advisories

🔗 https://confluent.io
🔗 https://www.detack.de/en/cve-2021-33924
🔗 https://confluent.io
🔗 https://www.detack.de/en/cve-2021-33924

相關漏洞威脅

CVE-2017-75509.8

A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin m...

CVE-2018-168799.8

Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel setting...

CVE-2017-74819.8

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control t...

CVE-2019-151499.8

core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that ...