Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-12557

An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the no_log attribute of a task is ignored. If the unreachable error occurred in a task used with a loop variable (e.g., with_items), the contents of the loop items would be printed in the console. This could lead to accidentally leaking credentials or secrets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
Products affected by CVE-2018-12557
  • Zuul-Ci » Zuul » Version: 3.0.0
    cpe:2.3:a:zuul-ci:zuul:3.0.0
  • Zuul-Ci » Zuul » Version: 3.0.1
    cpe:2.3:a:zuul-ci:zuul:3.0.1
  • Zuul-Ci » Zuul » Version: 3.0.2
    cpe:2.3:a:zuul-ci:zuul:3.0.2
  • Zuul-Ci » Zuul » Version: 3.0.3
    cpe:2.3:a:zuul-ci:zuul:3.0.3


Products
Pricing
Contact Us

Shodan ® - All rights reserved