Search for vulnerabilities
Vulnerability details: VCID-6n8k-ghk4-aaaf
Vulnerability ID VCID-6n8k-ghk4-aaaf
Aliases CVE-2023-4237
GHSA-ww3m-ffrm-qvqv
Summary ec2_key module prints out the private key directly to the standard output
Status Published
Exploitability 0.5
Weighted Severity 7.0
Risk 3.5
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3.1 6.5 https://access.redhat.com/errata/RHBA-2023:5653
generic_textual MODERATE https://access.redhat.com/errata/RHBA-2023:5653
cvssv3.1 6.5 https://access.redhat.com/errata/RHBA-2023:5666
generic_textual MODERATE https://access.redhat.com/errata/RHBA-2023:5666
cvssv3 7.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4237.json
cvssv3.1 6.5 https://access.redhat.com/security/cve/CVE-2023-4237
generic_textual MODERATE https://access.redhat.com/security/cve/CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
epss 0.00164 https://api.first.org/data/v1/epss?cve=CVE-2023-4237
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-ww3m-ffrm-qvqv
cvssv3.1 5.0 https://github.com/ansible/ansible
generic_textual MODERATE https://github.com/ansible/ansible
cvssv3 7.8 https://nvd.nist.gov/vuln/detail/CVE-2023-4237
cvssv3.1 7.8 https://nvd.nist.gov/vuln/detail/CVE-2023-4237
Reference id Reference type URL
https://access.redhat.com/errata/RHBA-2023:5653
https://access.redhat.com/errata/RHBA-2023:5666
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4237.json
https://access.redhat.com/security/cve/CVE-2023-4237
https://api.first.org/data/v1/epss?cve=CVE-2023-4237
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4237
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/ansible/ansible
https://security.netapp.com/advisory/ntap-20241025-0002/
1055300 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055300
2229979 https://bugzilla.redhat.com/show_bug.cgi?id=2229979
cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_collection:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_collection:*:*:*:*:*:*:*:*
CVE-2023-4237 https://nvd.nist.gov/vuln/detail/CVE-2023-4237
GHSA-ww3m-ffrm-qvqv https://github.com/advisories/GHSA-ww3m-ffrm-qvqv
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHBA-2023:5653
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHBA-2023:5666
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4237.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/security/cve/CVE-2023-4237
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4237
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4237
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.05128
EPSS Score 0.00042
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.