{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2023-4237","title":"Title"},{"category":"description","text":"A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2023-4237","url":"https://www.suse.com/security/cve/CVE-2023-4237"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1214115 for CVE-2023-4237","url":"https://bugzilla.suse.com/1214115"}],"title":"SUSE CVE CVE-2023-4237","tracking":{"current_release_date":"2026-03-12T10:16:10Z","generator":{"date":"2023-08-10T01:39:10Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2023-4237","initial_release_date":"2023-08-10T01:39:10Z","revision_history":[{"date":"2023-08-10T01:39:10Z","number":"2","summary":"Current version"},{"date":"2025-01-01T02:26:42Z","number":"3","summary":"Current version"},{"date":"2025-02-14T06:53:43Z","number":"4","summary":"Current version"},{"date":"2025-02-16T06:44:36Z","number":"5","summary":"Current version"},{"date":"2025-03-15T06:39:58Z","number":"6","summary":"Current version"},{"date":"2025-04-08T02:14:49Z","number":"7","summary":"Current version"},{"date":"2025-06-04T03:48:36Z","number":"8","summary":"Current version"},{"date":"2025-06-26T02:13:20Z","number":"9","summary":"Current version"},{"date":"2025-06-27T00:20:20Z","number":"10","summary":"Current version"},{"date":"2025-08-20T23:39:20Z","number":"11","summary":"Current version"},{"date":"2026-03-12T10:16:10Z","number":"12","summary":"unknown changes"}],"status":"interim","version":"12"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Manager Client Tools for SLE 15","product":{"name":"SUSE Manager Client Tools for SLE 15","product_id":"SUSE Manager Client Tools for SLE 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle-manager-tools:15"}}},{"category":"product_name","name":"SUSE Manager Proxy Module 4.2","product":{"name":"SUSE Manager Proxy Module 4.2","product_id":"SUSE Manager Proxy Module 4.2","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-suse-manager-proxy:4.2"}}},{"category":"product_name","name":"SUSE Manager Proxy Module 4.3","product":{"name":"SUSE Manager Proxy Module 4.3","product_id":"SUSE Manager Proxy Module 4.3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-suse-manager-proxy:4.3"}}},{"category":"product_version","name":"ansible","product":{"name":"ansible","product_id":"ansible","product_identification_helper":{"cpe":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/ansible@?upstream=ansible.src.rpm"}}},{"category":"product_version","name":"ansible-doc","product":{"name":"ansible-doc","product_id":"ansible-doc","product_identification_helper":{"cpe":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/ansible-doc@?upstream=ansible.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"ansible as component of HPE Helion OpenStack 8","product_id":"HPE Helion OpenStack 8:ansible"},"product_reference":"ansible","relates_to_product_reference":"HPE Helion OpenStack 8"},{"category":"default_component_of","full_product_name":{"name":"ansible1 as component of HPE Helion OpenStack 8","product_id":"HPE Helion OpenStack 8:ansible1"},"product_reference":"ansible1","relates_to_product_reference":"HPE Helion OpenStack 8"},{"category":"default_component_of","full_product_name":{"name":"ansible as component of SUSE Manager Client Tools Beta for SLE 15","product_id":"SUSE Manager Client Tools Beta for SLE 15:ansible"},"product_reference":"ansible","relates_to_product_reference":"SUSE Manager Client Tools Beta for SLE 15"},{"category":"default_component_of","full_product_name":{"name":"ansible as component of SUSE Manager Client Tools for SLE 15","product_id":"SUSE Manager Client Tools for SLE 15:ansible"},"product_reference":"ansible","relates_to_product_reference":"SUSE Manager Client Tools for SLE 15"},{"category":"default_component_of","full_product_name":{"name":"ansible as component of SUSE Manager Proxy Module 4.2","product_id":"SUSE Manager Proxy Module 4.2:ansible"},"product_reference":"ansible","relates_to_product_reference":"SUSE Manager Proxy Module 4.2"},{"category":"default_component_of","full_product_name":{"name":"ansible-doc as component of SUSE Manager Proxy Module 4.2","product_id":"SUSE Manager Proxy Module 4.2:ansible-doc"},"product_reference":"ansible-doc","relates_to_product_reference":"SUSE Manager Proxy Module 4.2"},{"category":"default_component_of","full_product_name":{"name":"ansible as component of SUSE Manager Proxy Module 4.3","product_id":"SUSE Manager Proxy Module 4.3:ansible"},"product_reference":"ansible","relates_to_product_reference":"SUSE Manager Proxy Module 4.3"},{"category":"default_component_of","full_product_name":{"name":"ansible-doc as component of SUSE Manager Proxy Module 4.3","product_id":"SUSE Manager Proxy Module 4.3:ansible-doc"},"product_reference":"ansible-doc","relates_to_product_reference":"SUSE Manager Proxy Module 4.3"},{"category":"default_component_of","full_product_name":{"name":"ansible as component of SUSE OpenStack Cloud 8","product_id":"SUSE OpenStack Cloud 8:ansible"},"product_reference":"ansible","relates_to_product_reference":"SUSE OpenStack Cloud 8"},{"category":"default_component_of","full_product_name":{"name":"ansible1 as component of SUSE OpenStack Cloud 8","product_id":"SUSE OpenStack Cloud 8:ansible1"},"product_reference":"ansible1","relates_to_product_reference":"SUSE OpenStack Cloud 8"},{"category":"default_component_of","full_product_name":{"name":"ansible1 as component of SUSE OpenStack Cloud 9","product_id":"SUSE OpenStack Cloud 9:ansible1"},"product_reference":"ansible1","relates_to_product_reference":"SUSE OpenStack Cloud 9"},{"category":"default_component_of","full_product_name":{"name":"ansible as component of SUSE OpenStack Cloud Crowbar 8","product_id":"SUSE OpenStack Cloud Crowbar 8:ansible"},"product_reference":"ansible","relates_to_product_reference":"SUSE OpenStack Cloud Crowbar 8"}]},"vulnerabilities":[{"cve":"CVE-2023-4237","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-4237"}],"notes":[{"category":"general","text":"A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability.","title":"CVE description"}],"product_status":{"known_not_affected":["SUSE Manager Client Tools for SLE 15:ansible","SUSE Manager Proxy Module 4.2:ansible","SUSE Manager Proxy Module 4.2:ansible-doc","SUSE Manager Proxy Module 4.3:ansible","SUSE Manager Proxy Module 4.3:ansible-doc"]},"references":[{"category":"external","summary":"CVE-2023-4237","url":"https://www.suse.com/security/cve/CVE-2023-4237"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1214115 for CVE-2023-4237","url":"https://bugzilla.suse.com/1214115"}],"remediations":[{"category":"no_fix_planned","details":"There is no fix planned for these products.\n","product_ids":["HPE Helion OpenStack 8:ansible","HPE Helion OpenStack 8:ansible1","SUSE Manager Client Tools Beta for SLE 15:ansible","SUSE OpenStack Cloud 8:ansible","SUSE OpenStack Cloud 8:ansible1","SUSE OpenStack Cloud 9:ansible1","SUSE OpenStack Cloud Crowbar 8:ansible"]}],"threats":[{"category":"impact","date":"2023-08-08T12:03:38Z","details":"moderate"}],"title":"CVE-2023-4237"}]}