Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development.
python-paramiko: Authentication bypass in transport.py (CVE-2018-7750)
ansible-tower: Privilege escalation flaw allows for organization admins to obtain system privileges (CVE-2018-1101)
ansible-tower: Remote code execution by users with access to define variables in job templates (CVE-2018-1104)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Simon Vikström for reporting CVE-2018-1104. The CVE-2018-1101 issue was discovered by Graham Mainwaring (Red Hat).