2 matches found
CVE-2019-19342
CVE-2019-19342 affects Red Hat Ansible Tower 3.6.x before 3.6.2 and 3.5.x before 3.5.4. When a request to /websocket includes a password containing the character ‘#’, the parsing in RabbitMQ can trigger a socket error and return HTTP 500 with partial plaintext password disclosure. This enables br...
Important: Red Hat Security Advisory: Red Hat Ansible Tower 3.5.4-1 - RHEL7 Container
Red Hat Ansible Tower 3.5.4-1 - RHEL7 Container Added a command to generate a new SECRETKEY and rekey the database Removed the guest user from the optionally-configured RabbitMQ admin interface CVE-2019-19340 Fixed assorted issues with preserving permissions in the Ansible Tower backup playbook...