Search for vulnerabilities
Vulnerability details: VCID-nygs-kyb8-bqc9
Vulnerability ID VCID-nygs-kyb8-bqc9
Aliases CVE-2021-3447
PYSEC-2021-107
Summary A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided when they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality. This flaw affects Red Hat Ansible Automation Platform in versions before 1.2.2 and Ansible Tower in versions before 3.8.2.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-532 Insertion of Sensitive Information into Log File
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3 5.0 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3447.json
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2021-3447
cvssv3.1 5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2021-3447
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3447
archlinux Medium https://security.archlinux.org/AVG-1702
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3447.json
https://api.first.org/data/v1/epss?cve=CVE-2021-3447
https://bugzilla.redhat.com/show_bug.cgi?id=1939349
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3447
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MS4VPUYVLGSAKOX26IT52BSMEZRZ3KS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBZ75MAMVQVZROPYHMRDQKPPVASP63DG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RUTGO4RS4ZXZSPBU2CHVPT75IAFVTTL3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MS4VPUYVLGSAKOX26IT52BSMEZRZ3KS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZ75MAMVQVZROPYHMRDQKPPVASP63DG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RUTGO4RS4ZXZSPBU2CHVPT75IAFVTTL3/
1014721 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014721
AVG-1702 https://security.archlinux.org/AVG-1702
cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
CVE-2021-3447 https://nvd.nist.gov/vuln/detail/CVE-2021-3447
RHSA-2021:1079 https://access.redhat.com/errata/RHSA-2021:1079
RHSA-2021:1342 https://access.redhat.com/errata/RHSA-2021:1342
RHSA-2021:1343 https://access.redhat.com/errata/RHSA-2021:1343
RHSA-2021:2736 https://access.redhat.com/errata/RHSA-2021:2736
RHSA-2021:2866 https://access.redhat.com/errata/RHSA-2021:2866
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3447.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3447
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3447
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.17204
EPSS Score 0.00055
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:11:23.620116+00:00 Pypa Importer Import https://github.com/pypa/advisory-database/blob/main/vulns/ansible/PYSEC-2021-107.yaml 37.0.0