{"id":"CVE-2018-16859","details":"Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.","aliases":["GHSA-v735-2pp6-h86r","PYSEC-2018-60"],"modified":"2026-03-12T02:30:55.689219Z","published":"2018-11-29T18:29:00.537Z","related":["SUSE-SU-2020:3309-1","openSUSE-SU-2019:0238-1","openSUSE-SU-2019:1125-1","openSUSE-SU-2019:1635-1","openSUSE-SU-2019:1858-1","openSUSE-SU-2024:10615-1","openSUSE-SU-2024:14244-1","openSUSE-SU-2024:14536-1","openSUSE-SU-2025:15605-1","openSUSE-SU-2025:15753-1"],"references":[{"type":"WEB"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/106004"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3771"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3770"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3773"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859"},{"type":"REPORT","url":"https://access.redhat.com/errata/RHSA-2018:3772"},{"type":"FIX","url":"https://github.com/ansible/ansible/pull/49142"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ansible/ansible","events":[{"introduced":"0"},{"fixed":"ceae26e5e9b73575a8a397101617b11a5c2ce7d5"},{"introduced":"8ce3bd6deaa0a0274a921c0137cbd804ffc312d0"},{"fixed":"e459665d3bad1603fa6cc52ad412df7871809c37"},{"introduced":"0a07068054090d5b78b27496aa251be74c484b45"},{"fixed":"81879e97925921da225e0fd6010516f765d18d86"},{"introduced":"a771ed93ab09691e53184c809d88a0f1073ef82d"},{"last_affected":"2611867fd1dc387ceaa0ffb8ce0f030aafc2a859"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.5.13"},{"introduced":"2.6.0"},{"fixed":"2.6.10"},{"introduced":"2.7.0"},{"fixed":"2.7.4"},{"introduced":"2.7.5"},{"last_affected":"2.8"}]}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-16859.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}]}