4 matches found
CVE-2019-3869
When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges...
CVE-2019-3869
CVE-2019-3869 affects Ansible Tower 3.x prior to 3.3.5 (and 3.4.x prior to 3.4.3) when running in OpenShift/Kubernetes, where Tower's credentials are exposed to playbook job runs via environment variables. This exposure could allow a user who can write playbooks to escalate to administrative priv...
CVE-2019-3869
When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges...
CVE-2019-3869
When running Tower on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges...