Information Disclosure: Ansible Config Exposure
Identifier:
ansible_config_exposure
Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description
Ansible configuration files left accessible to the public may reveal sensitive details about system configuration and credentials, potentially allowing attackers to access internal systems or escalate privileges.
How we test: We scan for exposed Ansible configuration files and playbooks that may be accessible via web servers. We check if these files contain sensitive information such as credentials, host configurations, or other infrastructure details that should not be publicly accessible.
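A local counterpart to the check described above, as an added example that is not the scanner's own code: it walks a directory you are about to serve and reports Ansible files that carry cleartext connection secrets or reveal the vault password file path, while skipping vault-encrypted and templated values. The function names and the sample web root are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Real Ansible variables/settings that hold or point to secrets.
CRED = re.compile(r"\b(ansible_(?:ssh_pass|password|become_pass|become_password))\s*[:=]\s*(\S+)")
VAULT_PW_FILE = re.compile(r"^\s*vault_password_file\s*=\s*(\S+)", re.M)

def classify(text):
    """Return finding labels for one file's content (empty list = nothing sensitive seen)."""
    if text.lstrip().startswith("$ANSIBLE_VAULT;"):
        return []  # whole file is vault-encrypted
    findings = []
    for key, value in CRED.findall(text):
        v = value.strip("\"'")
        if v.startswith("!vault") or v.startswith("{{"):
            continue  # inline-vaulted value or a reference to another variable
        findings.append(f"cleartext:{key}")
    if VAULT_PW_FILE.search(text):
        findings.append("vault_password_file path disclosed")
    return findings

def audit_webroot(root):
    """Map relative path -> findings for every file under root that has a finding."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            found = classify(path.read_text(errors="replace"))
            if found:
                report[path.relative_to(root).as_posix()] = found
    return report

def build_sample_webroot(root):
    """Constructed sample files, not taken from any real deployment."""
    files = {
        "index.html": "<h1>hello</h1>\n",
        "deploy/ansible.cfg": "[defaults]\ninventory = ./hosts\nvault_password_file = ./.vault_pass\n",
        "deploy/hosts": "[web]\nweb1 ansible_host=192.0.2.10 ansible_ssh_pass=EXAMPLE-ONLY\n",
        "deploy/group_vars/all.yml": 'ansible_become_pass: "{{ vault_become_pass }}"\n',
        "deploy/group_vars/vault.yml": "$ANSIBLE_VAULT;1.1;AES256\n6162636465666768\n",
    }
    for rel, body in files.items():
        p = Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        build_sample_webroot(d)
        for rel, found in audit_webroot(d).items():
            print(rel, found)
```

Any file it reports should be moved out of the served directory; a reported cleartext secret should also be rotated, since it may already have been fetched.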
Configuration
Example
Example configuration:
Reference
skip
Type: boolean
Skip the test if true.