CVE-2023-4237 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-4237 Interim 1 3 2023-10-04T23:22:00Z current 2023-08-09T23:16:29Z 2023-10-04T23:22:00Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-4237 A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Manager Client Tools for SLE 15 SUSE Manager Proxy Module 4.2 SUSE Manager Proxy Module 4.3 ansible ansible-doc ansible as a component of SUSE Manager Client Tools for SLE 15 ansible as a component of SUSE Manager Proxy Module 4.2 ansible-doc as a component of SUSE Manager Proxy Module 4.2 ansible as a component of SUSE Manager Proxy Module 4.3 ansible-doc as a component of SUSE Manager Proxy Module 4.3 A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability. CVE-2023-4237 SUSE Manager Client Tools for SLE 15:ansible SUSE Manager Proxy Module 4.2:ansible SUSE Manager Proxy Module 4.2:ansible-doc SUSE Manager Proxy Module 4.3:ansible SUSE Manager Proxy Module 4.3:ansible-doc moderate 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H