2 matches found
CVE-2018-16879
Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. This could lead in data leak of sensitive information such as passwords as well as denial of service attacks by deleting...
CVE-2018-16879
CVE-2018-16879 affects Ansible Tower 3.x prior to 3.3.3. The issue is a RabbitMQ misconfiguration where a secure channel is not used for messaging celery workers, enabling potential data leakage of sensitive information (e.g., passwords) and denial-of-service actions such as deletion of projects ...