3 matches found
CVE-2020-14328
Summary: CVE-2020-14328 affects Red Hat Ansible Tower before 3.7.2, describing a Server Side Request Forgery (SSRF) that could cause the server to access internal services or reveal internal details during error handling. The NVD entry confirms the flaw and its data-confidentiality emphasis, with...
Moderate: Red Hat Security Advisory: Red Hat Ansible Tower 3.7.2-1 - RHEL7 Container
Red Hat Ansible Tower 3.7.2-1 - RHEL7 Container Updated Named URLs to allow for testing the presence or absence of objects CVE-2020-14337 Fixed Tower Server Side Request Forgery on Credentials CVE-2020-14327 Fixed Tower Server Side Request Forgery on Webhooks CVE-2020-14328 Fixed Tower sensitive...
CVE-2020-14328
A flaw was found in Ansible Tower. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal services or exposing additional internal services and more particularly retrieving full details in case of error. The highest...