VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-3fw9-kycf-vfa1

Essentials
Severities (131)
References (37)
Severity details (41)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-3fw9-kycf-vfa1
Aliases	CVE-2024-8775 GHSA-jpxc-vmjf-9fcj
Summary	A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-532	Insertion of Sensitive Information into Log File
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3.1	5.5	https://access.redhat.com/errata/RHSA-2024:10762
generic_textual	HIGH	https://access.redhat.com/errata/RHSA-2024:10762
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:10762
cvssv3.1	5.5	https://access.redhat.com/errata/RHSA-2024:8969
generic_textual	HIGH	https://access.redhat.com/errata/RHSA-2024:8969
generic_textual	MODERATE	https://access.redhat.com/errata/RHSA-2024:8969
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:8969
cvssv3.1	5.5	https://access.redhat.com/errata/RHSA-2024:9894
generic_textual	HIGH	https://access.redhat.com/errata/RHSA-2024:9894
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:9894
cvssv3.1	5.5	https://access.redhat.com/errata/RHSA-2025:1249
generic_textual	HIGH	https://access.redhat.com/errata/RHSA-2025:1249
ssvc	Track	https://access.redhat.com/errata/RHSA-2025:1249
cvssv3	5.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8775.json
cvssv3.1	5.5	https://access.redhat.com/security/cve/CVE-2024-8775
generic_textual	HIGH	https://access.redhat.com/security/cve/CVE-2024-8775
generic_textual	MODERATE	https://access.redhat.com/security/cve/CVE-2024-8775
ssvc	Track	https://access.redhat.com/security/cve/CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00023	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00025	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00025	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00025	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00025	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00025	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00025	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00051	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00051	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00051	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00051	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00051	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-8775
cvssv3.1	5.5	https://bugzilla.redhat.com/show_bug.cgi?id=2312119
generic_textual	HIGH	https://bugzilla.redhat.com/show_bug.cgi?id=2312119
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=2312119
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=2312119
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	5.5	https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
generic_textual	HIGH	https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
ssvc	Track	https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
cvssv3.1	5.0	https://github.com/ansible/ansible
cvssv3.1	5.5	https://github.com/ansible/ansible
generic_textual	HIGH	https://github.com/ansible/ansible
generic_textual	MODERATE	https://github.com/ansible/ansible
cvssv3.1	5.5	https://github.com/ansible/ansible/blob/v2.16.13/changelogs/CHANGELOG-v2.16.rst#security-fixes
generic_textual	HIGH	https://github.com/ansible/ansible/blob/v2.16.13/changelogs/CHANGELOG-v2.16.rst#security-fixes
cvssv3.1	5.5	https://github.com/ansible/ansible/blob/v2.17.6/changelogs/CHANGELOG-v2.17.rst#security-fixes
generic_textual	HIGH	https://github.com/ansible/ansible/blob/v2.17.6/changelogs/CHANGELOG-v2.17.rst#security-fixes
cvssv3.1	5.5	https://github.com/ansible/ansible/commit/8a87e1c5d37422bc99d27ad4237d185cc233e035
generic_textual	HIGH	https://github.com/ansible/ansible/commit/8a87e1c5d37422bc99d27ad4237d185cc233e035
cvssv3.1	5.5	https://nvd.nist.gov/vuln/detail/CVE-2024-8775
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2024-8775
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2024-8775

Reference id	Reference type	URL
		https://access.redhat.com/errata/RHSA-2024:9894
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8775.json
		https://access.redhat.com/security/cve/CVE-2024-8775
		https://api.first.org/data/v1/epss?cve=CVE-2024-8775
		https://bugzilla.redhat.com/show_bug.cgi?id=2312119
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8775
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/ansible/ansible
		https://github.com/ansible/ansible/blob/v2.16.13/changelogs/CHANGELOG-v2.16.rst#security-fixes
		https://github.com/ansible/ansible/blob/v2.17.6/changelogs/CHANGELOG-v2.17.rst#security-fixes
		https://github.com/ansible/ansible/commit/8a87e1c5d37422bc99d27ad4237d185cc233e035
1082851		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082851
cpe:/a:redhat:ansible_automation_platform:2		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2
cpe:/a:redhat:ansible_automation_platform:2.4::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
cpe:/a:redhat:ansible_automation_platform:2.4::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
cpe:/a:redhat:ansible_automation_platform:2.5::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
cpe:/a:redhat:ansible_automation_platform:2.5::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
cpe:/a:redhat:ansible_automation_platform:ee::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:ee::el8
cpe:/a:redhat:ansible_automation_platform:ee::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:ee::el9
cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
cpe:/a:redhat:discovery:1.0::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.0::el8
cpe:/a:redhat:enterprise_linux_ai:1		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux_ai:1
cpe:/a:redhat:rhui:4::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:4::el8
cpe:/a:redhat:storage:3		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3
cpe:/o:redhat:discovery:1.0::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:discovery:1.0::el9
CVE-2024-8775		https://nvd.nist.gov/vuln/detail/CVE-2024-8775
GHSA-jpxc-vmjf-9fcj		https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
RHSA-2024:10762		https://access.redhat.com/errata/RHSA-2024:10762
RHSA-2024:8969		https://access.redhat.com/errata/RHSA-2024:8969
RHSA-2025:1249		https://access.redhat.com/errata/RHSA-2025:1249

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:10762

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/ Found at https://access.redhat.com/errata/RHSA-2024:10762

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:8969

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/ Found at https://access.redhat.com/errata/RHSA-2024:8969

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:9894

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/ Found at https://access.redhat.com/errata/RHSA-2024:9894

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:1249

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/ Found at https://access.redhat.com/errata/RHSA-2025:1249

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8775.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/security/cve/CVE-2024-8775

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/ Found at https://access.redhat.com/security/cve/CVE-2024-8775

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=2312119

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2312119

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/advisories/GHSA-jpxc-vmjf-9fcj

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/ Found at https://github.com/advisories/GHSA-jpxc-vmjf-9fcj

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/blob/v2.16.13/changelogs/CHANGELOG-v2.16.rst#security-fixes

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/blob/v2.17.6/changelogs/CHANGELOG-v2.17.rst#security-fixes

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/commit/8a87e1c5d37422bc99d27ad4237d185cc233e035

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-8775

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.03104
EPSS Score	0.00018
Published At	April 15, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2024-09-17T19:12:42.806786+00:00	NVD Importer	Import	https://nvd.nist.gov/vuln/detail/CVE-2024-8775	34.0.1