Lucene search
Redhat.comRH:CVE-2019-19341HistoryDec 14, 2019 - 12:54 a.m.
CVE-2019-19341
2019-12-1400:54:33
redhat.com
access.redhat.com
11
0.0004 Low
EPSS
Percentile
12.7%
A flaw was found in Ansible Tower 3.6.1 and 3.5.3 where files in ‘/var/backup/tower’ are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credential stored in Tower. Access to data is the highest threat with this vulnerability.
Related
prion
prion
Design/Logic Flaw
2019-12-19 21:15:00
symantec
symantec
Ansible Tower CVE-2019-19341 Information Disclosure Vulnerability
2019-12-14 00:00:00
nvd
nvd
CVE-2019-19341
2019-12-19 21:15:14
cve
cve
CVE-2019-19341
2019-12-19 21:15:14
cvelist
cvelist
CVE-2019-19341
2019-12-19 20:24:18
redhat
redhat
(RHSA-2019:4242) Important: Red Hat Ansible Tower 3.5.4-1 - RHEL7 Container
2019-12-16 23:21:27
(RHSA-2019:4243) Important: Red Hat Ansible Tower 3.6.2-1 - RHEL7 Container
2019-12-16 18:21:29
nessus
nessus
Ansible Tower 3.5.x < 3.5.4 / 3.6.x < 3.6.2 Multiple Vulnerabilities
2019-12-20 00:00:00