{"id":"CVE-2018-16859","details":"Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.","aliases":["GHSA-v735-2pp6-h86r","PYSEC-2018-60"],"modified":"2026-04-10T04:06:51.714640Z","published":"2018-11-29T18:29:00.537Z","related":["SUSE-SU-2020:3309-1","openSUSE-SU-2019:0238-1","openSUSE-SU-2019:1125-1","openSUSE-SU-2019:1635-1","openSUSE-SU-2019:1858-1","openSUSE-SU-2024:10615-1","openSUSE-SU-2024:14244-1","openSUSE-SU-2024:14536-1","openSUSE-SU-2025:15605-1","openSUSE-SU-2025:15753-1"],"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3770"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3771"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3773"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/106004"},{"type":"REPORT","url":"https://access.redhat.com/errata/RHSA-2018:3772"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859"},{"type":"FIX","url":"https://github.com/ansible/ansible/pull/49142"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ansible/ansible","events":[{"introduced":"0"},{"fixed":"ceae26e5e9b73575a8a397101617b11a5c2ce7d5"},{"introduced":"8ce3bd6deaa0a0274a921c0137cbd804ffc312d0"},{"fixed":"e459665d3bad1603fa6cc52ad412df7871809c37"},{"introduced":"0a07068054090d5b78b27496aa251be74c484b45"},{"fixed":"81879e97925921da225e0fd6010516f765d18d86"},{"introduced":"a771ed93ab09691e53184c809d88a0f1073ef82d"},{"last_affected":"2611867fd1dc387ceaa0ffb8ce0f030aafc2a859"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.5.13"},{"introduced":"2.6.0"},{"fixed":"2.6.10"},{"introduced":"2.7.0"},{"fixed":"2.7.4"},{"introduced":"2.7.5"},{"last_affected":"2.8"}]}}],"versions":["0.0.1","0.01","0.3","0.7","v1.0","v1.1","v1.2","v1.4.0","v1.6.0","v2.0.0-0.1.alpha1","v2.0.0-0.2.alpha2","v2.0.0-0.3.beta1","v2.0.0-0.4.beta2","v2.0.0-0.5.beta3","v2.5.0","v2.5.0b1","v2.5.0b2","v2.5.0rc1","v2.5.0rc2","v2.5.0rc3","v2.5.1","v2.5.10","v2.5.11","v2.5.12","v2.5.2","v2.5.3","v2.5.4","v2.5.5","v2.5.6","v2.5.7","v2.5.8","v2.5.9","v2.6.0","v2.6.0a1","v2.6.1","v2.6.2","v2.6.3","v2.6.4","v2.6.5","v2.6.6","v2.6.7","v2.6.8","v2.6.9","v2.7.0","v2.7.0.a1","v2.7.1","v2.7.2","v2.7.3","v2.8.0","v2.8.0a1","v2.8.0b1","v2.8.0rc1","v2.8.0rc2","v2.8.0rc3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16859.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}]}