Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2021:0778
HistoryMar 09, 2021 - 3:06 p.m.

(RHSA-2021:0778) Important: Red Hat Ansible Tower 3.6.7-1 - Container security and bug fix update

2021-03-0915:06:59
access.redhat.com
154

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.582

Percentile

97.8%

JSON

Security Fix(es):

  • Addressed a security issue which can allow a malicious playbook author to elevate to the awx user from outside the isolated environment: CVE-2021-20253
  • Upgraded to a more recent version of nginx to address CVE-2019-20372
  • Upgraded to a more recent version of autobahn to address CVE-2020-35678
  • Upgraded to a more recent version of jquery to address CVE-2020-11022 and CVE-2020-11023

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

nessus 85
amazon 6
redhat 21
oraclelinux 7
openvas 35
centos 3
ibm 9
fedora 6
almalinux 3
rocky 2
osv 6
mageia 3
f5 1
archlinux 1
ubuntu 3
debian 2
gentoo 2
suse 2
aix 1
cloudfoundry 1
nessus
nessus
Scientific Linux Security Update : nss and nspr on SL7.x x86_64 (20201001)
2020-10-21 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : nss Multiple Vulnerabilities (NS-SA-2021-0019)
2021-03-10 00:00:00
Amazon Linux 2 : nspr (ALAS-2020-1559)
2020-11-11 00:00:00
amazon
amazon
Medium: nspr, nss-softokn, nss-util
2021-07-08 18:41:00
Medium: nspr, nss-softokn, nss-util, nss
2020-11-09 21:02:00
Medium: perl
2021-02-19 01:26:00
redhat
redhat
(RHSA-2020:4076) Moderate: nss and nspr security, bug fix, and enhancement update
2020-09-29 19:33:00
(RHSA-2021:0779) Important: Red Hat Ansible Tower 3.7.5-1 - Container security and bug fix update
2021-03-09 15:07:20
(RHSA-2021:0780) Important: Red Hat Ansible Tower 3.8.2-1 - Container security and bug fix update
2021-03-09 15:07:34
oraclelinux
oraclelinux
nss and nspr security, bug fix, and enhancement update
2020-10-08 00:00:00
nss and nspr security, bug fix, and enhancement update
2020-08-04 00:00:00
perl security update
2021-05-20 00:00:00
openvas
openvas
CentOS: Security Advisory for nss (CESA-2020:4076)
2021-05-01 00:00:00
Fedora: Security Advisory for ansible (FEDORA-2021-9a0903469c)
2021-03-02 00:00:00
Fedora: Security Advisory for ansible (FEDORA-2021-e9478617ae)
2021-03-02 00:00:00
centos
centos
nspr, nss security update
2020-11-06 22:01:52
perl security update
2021-02-04 01:04:16
libxml2 security update
2020-10-20 18:27:26
ibm
ibm
Security Bulletin: IBM MQ Appliance is affected by multiple nss and nspr vulnerabilities
2021-01-21 09:32:12
Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities
2021-01-12 10:59:54
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2019-17006, CVE-2019-17023, CVE-2020-12403)
2021-07-08 17:59:28
fedora
fedora
[SECURITY] Fedora 32 Update: ansible-2.9.18-1.fc32
2021-03-01 17:06:17
[SECURITY] Fedora 33 Update: ansible-2.9.18-1.fc33
2021-03-01 17:02:27
[SECURITY] Fedora 32 Update: mingw-libxml2-2.9.10-1.fc32
2020-05-01 04:08:08
almalinux
almalinux
Moderate: nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
Moderate: nss security and bug fix update
2021-02-16 07:32:47
Moderate: libxml2 security update
2020-11-03 12:08:23
rocky
rocky
nss security and bug fix update
2021-02-16 07:32:47
nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
osv
osv
Moderate: nss security and bug fix update
2021-02-16 07:32:47
Moderate: nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
nss - security update
2023-02-20 00:00:00
mageia
mageia
Updated ansible packages fix security vulnerability
2021-03-12 04:25:47
Updated ansible packages fix security vulnerability
2021-03-12 04:25:47
Updated perl packages fix security vulnerability
2020-06-11 02:59:36
f5
f5
K61267093 : Multiple NSS vulnerabilities CVE-2020-6829, CVE-2020-12400, CVE-2020-12401, and CVE-2020-12402
2021-04-16 00:00:00
archlinux
archlinux
[ASA-202102-9] ansible: information disclosure
2021-02-06 00:00:00
ubuntu
ubuntu
NSS vulnerabilities
2020-08-10 00:00:00
Perl vulnerabilities
2020-10-26 00:00:00
Perl vulnerabilities
2020-10-27 00:00:00
debian
debian
[SECURITY] [DLA 3327-1] nss security update
2023-02-20 15:16:03
[SECURITY] [DLA 2388-1] nss security update
2020-09-29 19:15:28
gentoo
gentoo
Mozilla Network Security Service (NSS): Multiple vulnerabilities
2020-08-19 00:00:00
Perl: Multiple vulnerabilities
2020-06-12 00:00:00
suse
suse
Security update for perl (important)
2020-06-23 00:00:00
Security update for libxml2 (moderate)
2020-05-23 00:00:00
aix
aix
There are vulnerabilities in Perl that affect AIX.
2020-12-09 16:36:39
cloudfoundry
cloudfoundry
USN-4602-1: Perl vulnerabilities | Cloud Foundry
2021-03-09 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.582

Percentile

97.8%

JSON
Related for RHSA-2021:0778
nessus85amazon6redhat21oraclelinux7openvas35centos3ibm9fedora6almalinux3rocky2osv6mageia3f51archlinux1ubuntu3debian2gentoo2suse2aix1cloudfoundry1