CVE-2017-7550 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-7550 Interim 1 37 2025-11-05T04:02:25Z current 2021-05-30T13:54:53Z 2025-11-05T04:02:25Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-7550 A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-updates/2018-March/008029.html E-Mail link for SUSE-SU-2018:0605-1 https://lists.suse.com/pipermail/sle-security-updates/2020-November/007763.html E-Mail link for SUSE-SU-2020:3309-1 https://lists.suse.com/pipermail/sle-updates/2024-April/035080.html E-Mail link for SUSE-SU-2024:1427-1 https://lists.suse.com/pipermail/sle-updates/2024-May/035168.html E-Mail link for SUSE-SU-2024:1509-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7LWEIR2LXW4QRWCY6HDMLUO2OTX5OZIC/ E-Mail link for openSUSE-SU-2024:14536-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings HPE Helion OpenStack 8 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 16.0 SUSE Manager Client Tools 15 SUSE Manager Client Tools 15-BETA SUSE Manager Proxy Module 4.2 SUSE Manager Proxy Module 4.3 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE Package Hub 12 openSUSE Leap 15.5 openSUSE Tumbleweed ansible ansible-10-10.6.0-1.1 ansible-11-11.11.0-1.1 ansible-11.3.0-160000.3.2 ansible-2.2.3.0-9.1 ansible-2.4.1.0-6.1 ansible-2.9.14-3.15.1 ansible-2.9.24-1.2 ansible-2.9.27-150000.1.17.2 ansible-2.9.27-159000.3.12.2 ansible-2.9.9-11.8.1 ansible-9-9.8.0-1.1 ansible-doc ansible-doc-2.9.24-1.2 ansible-doc-2.9.27-150000.1.17.2 ansible-doc-2.9.27-159000.3.12.2 ansible-test-2.9.24-1.2 ansible-test-2.9.27-150000.1.17.2 ansible1 ardana-ansible-8.0+git.1596735237.54109b1-3.77.1 ansible-2.9.14-3.15.1 as a component of HPE Helion OpenStack 8 ardana-ansible-8.0+git.1596735237.54109b1-3.77.1 as a component of HPE Helion OpenStack 8 ansible-2.9.9-11.8.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA ansible-11.3.0-160000.3.2 as a component of SUSE Linux Enterprise Server 16.0 ansible-2.9.27-150000.1.17.2 as a component of SUSE Manager Client Tools 15 ansible-doc-2.9.27-150000.1.17.2 as a component of SUSE Manager Client Tools 15 ansible-2.9.27-159000.3.12.2 as a component of SUSE Manager Client Tools 15-BETA ansible-doc-2.9.27-159000.3.12.2 as a component of SUSE Manager Client Tools 15-BETA ansible-2.9.27-150000.1.17.2 as a component of SUSE Manager Proxy Module 4.3 ansible-doc-2.9.27-150000.1.17.2 as a component of SUSE Manager Proxy Module 4.3 ansible-2.2.3.0-9.1 as a component of SUSE OpenStack Cloud 7 ansible-2.9.14-3.15.1 as a component of SUSE OpenStack Cloud 8 ardana-ansible-8.0+git.1596735237.54109b1-3.77.1 as a component of SUSE OpenStack Cloud 8 ansible-2.9.14-3.15.1 as a component of SUSE OpenStack Cloud Crowbar 8 ansible-2.4.1.0-6.1 as a component of SUSE Package Hub 12 ansible-2.9.27-150000.1.17.2 as a component of openSUSE Leap 15.5 ansible-doc-2.9.27-150000.1.17.2 as a component of openSUSE Leap 15.5 ansible-test-2.9.27-150000.1.17.2 as a component of openSUSE Leap 15.5 ansible-2.9.24-1.2 as a component of openSUSE Tumbleweed ansible-10-10.6.0-1.1 as a component of openSUSE Tumbleweed ansible-11-11.11.0-1.1 as a component of openSUSE Tumbleweed ansible-9-9.8.0-1.1 as a component of openSUSE Tumbleweed ansible-doc-2.9.24-1.2 as a component of openSUSE Tumbleweed ansible-test-2.9.24-1.2 as a component of openSUSE Tumbleweed ansible1 as a component of HPE Helion OpenStack 8 ansible as a component of SUSE Manager Proxy Module 4.2 ansible-doc as a component of SUSE Manager Proxy Module 4.2 ansible1 as a component of SUSE OpenStack Cloud 8 A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation. CVE-2017-7550 HPE Helion OpenStack 8:ansible-2.9.14-3.15.1 HPE Helion OpenStack 8:ardana-ansible-8.0+git.1596735237.54109b1-3.77.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:ansible-2.9.27-150000.1.17.2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:ansible-doc-2.9.27-150000.1.17.2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:ansible-test-2.9.27-150000.1.17.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:ansible-2.9.9-11.8.1 SUSE Linux Enterprise Server 16.0:ansible-11.3.0-160000.3.2 SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2 SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2 SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2 SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2 SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2 SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2 SUSE OpenStack Cloud 7:ansible-2.2.3.0-9.1 SUSE OpenStack Cloud 8:ansible-2.9.14-3.15.1 SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1596735237.54109b1-3.77.1 SUSE OpenStack Cloud Crowbar 8:ansible-2.9.14-3.15.1 SUSE Package Hub 12:ansible-2.4.1.0-6.1 openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2 openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2 openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2 openSUSE Tumbleweed:ansible-2.9.24-1.2 openSUSE Tumbleweed:ansible-10-10.6.0-1.1 openSUSE Tumbleweed:ansible-11-11.11.0-1.1 openSUSE Tumbleweed:ansible-9-9.8.0-1.1 openSUSE Tumbleweed:ansible-doc-2.9.24-1.2 openSUSE Tumbleweed:ansible-test-2.9.24-1.2 HPE Helion OpenStack 8:ansible1 SUSE Manager Proxy Module 4.2:ansible SUSE Manager Proxy Module 4.2:ansible-doc SUSE OpenStack Cloud 8:ansible1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 8.5 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H