{"containers":{"cna":{"affected":[{"product":"Ansible","vendor":"Red Hat","versions":[{"status":"affected","version":"2.2.1.0"}]}],"datePublic":"2016-10-26T00:00:00.000Z","descriptions":[{"lang":"en","value":"An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed."}],"metrics":[{"cvssV3_0":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":2.2,"baseSeverity":"LOW","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N","version":"3.0"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2018-07-27T09:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"RHSA-2017:1685","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2017:1685"},{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/ansible/ansible-modules-core/pull/5388"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T02:27:41.291Z"},"title":"CVE Program Container","references":[{"name":"RHSA-2017:1685","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2017:1685"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/ansible/ansible-modules-core/pull/5388"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2016-8647","datePublished":"2018-07-26T14:00:00.000Z","dateReserved":"2016-10-12T00:00:00.000Z","dateUpdated":"2024-08-06T02:27:41.291Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}