3 matches found
CVE-2019-14890
A vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license...
CVE-2019-14890
CVE-2019-14890 affects Ansible Tower up to version 3.6.0, where plaintext RHSM credentials stored in the database at /api/v2/config could be exposed when applying the license. The Red Hat advisory RHSA-2019:3958 confirms a fix in Ansible Tower 3.6.1-1 for EL7, addressing the information disclosur...
Critical: Red Hat Security Advisory: Red Hat Ansible Tower 3.6.1-1 - EL7 Container
Red Hat Ansible Tower 3.6.1-1 - EL7 Container Ansible Tower Version 3.6.1 ----------------------------- - Fixed accidental disclosure of Red Hat username and password in /api/v2/config CVE-2019-14890 - Fixed upgrade failure with bundled installer - Fixed license check error when reinstalling over...