Ansible-collection-community-general: ansible-collection-community-general: keycloak user module leaks credentials in verbose output

5.5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

Basic Information

ID CVE-2025-14010

Source redhat

Published Dec 4, 2025 at 09:51

Affected Product

Vendor Red Hat

Product Red Hat Ceph Storage 5

References

{
    "lastseen": "",
    "description": "A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.",
    "published": "2025-12-04T09:51:55.868Z",
    "modified": "2025-12-04T09:51:55.868Z",
    "type": "cve",
    "title": "Ansible-collection-community-general: ansible-collection-community-general: keycloak user module leaks credentials in verbose output",
    "source": "redhat",
    "references": "https://access.redhat.com/security/cve/CVE-2025-14010\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2418774",
    "id": "CVE-2025-14010",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 5.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Red Hat Ceph Storage 5",
    "version": "",
    "vendor": "Red Hat",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Ansible-collection-community-general: ansible-collection-community-general: keycloak user module leaks credentials in verbose output_CVE-2025-14010

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply