VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-fp7m-vzdr-aaap

Essentials
Severities (123)
References (34)
Severity details (37)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-fp7m-vzdr-aaap
Aliases	CVE-2024-0690 GHSA-h24r-m9qc-pvpg PYSEC-2024-36
Summary	ansible-core: possible information leak in tasks that ignore ANSIBLE_NO_LOG configuration
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-117	Improper Output Neutralization for Logs
CWE-116	Improper Encoding or Escaping of Output
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3.1	5	https://access.redhat.com/errata/RHSA-2024:0733
cvssv3.1	5.0	https://access.redhat.com/errata/RHSA-2024:0733
generic_textual	MODERATE	https://access.redhat.com/errata/RHSA-2024:0733
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:0733
cvssv3.1	5.0	https://access.redhat.com/errata/RHSA-2024:2246
generic_textual	MODERATE	https://access.redhat.com/errata/RHSA-2024:2246
cvssv3.1	5.0	https://access.redhat.com/errata/RHSA-2024:3043
generic_textual	MODERATE	https://access.redhat.com/errata/RHSA-2024:3043
cvssv3	5.0	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json
cvssv3.1	5	https://access.redhat.com/security/cve/CVE-2024-0690
cvssv3.1	5.0	https://access.redhat.com/security/cve/CVE-2024-0690
generic_textual	MODERATE	https://access.redhat.com/security/cve/CVE-2024-0690
ssvc	Track	https://access.redhat.com/security/cve/CVE-2024-0690
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00054	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2024-0690
cvssv3.1	5.0	https://bugzilla.redhat.com/show_bug.cgi?id=2259013
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=2259013
cvssv3.1	5.1	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-h24r-m9qc-pvpg
cvssv3.1	5.0	https://github.com/ansible/ansible
generic_textual	MODERATE	https://github.com/ansible/ansible
cvssv3.1	5.0	https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
generic_textual	MODERATE	https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
cvssv3.1	5.0	https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
generic_textual	MODERATE	https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
cvssv3.1	5.0	https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
generic_textual	MODERATE	https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
cvssv3.1	5.0	https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
generic_textual	MODERATE	https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
cvssv3.1	5.0	https://github.com/ansible/ansible/pull/82565
generic_textual	MODERATE	https://github.com/ansible/ansible/pull/82565
cvssv3.1	5.0	https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
generic_textual	MODERATE	https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
cvssv3	5.5	https://nvd.nist.gov/vuln/detail/CVE-2024-0690
cvssv3.1	5.0	https://nvd.nist.gov/vuln/detail/CVE-2024-0690
cvssv3.1	5.5	https://nvd.nist.gov/vuln/detail/CVE-2024-0690
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2024-0690
cvssv3.1	5.0	https://security.netapp.com/advisory/ntap-20250117-0001
generic_textual	MODERATE	https://security.netapp.com/advisory/ntap-20250117-0001

Reference id	Reference type	URL
		https://access.redhat.com/errata/RHSA-2024:2246
		https://access.redhat.com/errata/RHSA-2024:3043
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-0690
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0690
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/ansible/ansible
		https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
		https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
		https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
		https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
		https://github.com/ansible/ansible/pull/82565
		https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
		https://security.netapp.com/advisory/ntap-20250117-0001
		https://security.netapp.com/advisory/ntap-20250117-0001/
1061156		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061156
2259013		https://bugzilla.redhat.com/show_bug.cgi?id=2259013
cpe:2.3:a:redhat:ansible::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible::::::::
cpe:2.3:o:fedoraproject:fedora:38:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:::::::*
cpe:2.3:o:fedoraproject:fedora:39:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
cpe:/a:redhat:ansible_automation_platform:2.4::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
cpe:/a:redhat:ansible_automation_platform:2.4::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
cpe:/a:redhat:enterprise_linux:8::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/a:redhat:enterprise_linux:9::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
CVE-2024-0690		https://access.redhat.com/security/cve/CVE-2024-0690
CVE-2024-0690		https://nvd.nist.gov/vuln/detail/CVE-2024-0690
GHSA-h24r-m9qc-pvpg		https://github.com/advisories/GHSA-h24r-m9qc-pvpg
RHSA-2024:0733		https://access.redhat.com/errata/RHSA-2024:0733

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:0733

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:0733

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/ Found at https://access.redhat.com/errata/RHSA-2024:0733

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:2246

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2024:3043

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/security/cve/CVE-2024-0690

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/security/cve/CVE-2024-0690

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/ Found at https://access.redhat.com/security/cve/CVE-2024-0690

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=2259013

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/pull/82565

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-0690

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-0690

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-0690

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://security.netapp.com/advisory/ntap-20250117-0001

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.11371
EPSS Score	0.0004
Published At	June 25, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2024-01-18T20:34:07.510973+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json	34.0.0rc2