Ansible Tower Security Vulnerabilities and Issues — Ansible Tower CVE List

Lucene search

RedhatAnsible Tower

9 matches found

CVE•added 2019/03/25 7:29 p.m.•231 views

CVE-2019-3835

It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

7.3CVSS6.3AI score0.01339EPSS

CVE•added 2019/10/14 3:15 p.m.•230 views

CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are process...

7.3CVSS5.4AI score0.0004EPSS

CVE•added 2019/03/25 7:29 p.m.•225 views

CVE-2019-3838

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

7.3CVSS5.6AI score0.01038EPSS

CVE•added 2019/12/19 9:15 p.m.•173 views

CVE-2019-19340

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could g...

8.2CVSS8.1AI score0.00509EPSS

CVE•added 2019/12/19 9:15 p.m.•156 views

CVE-2019-19342

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose wil...

5.3CVSS5.5AI score0.00338EPSS

CVE•added 2019/12/19 9:15 p.m.•149 views

CVE-2019-19341

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credenti...

5.9CVSS5.5AI score0.00103EPSS

CVE•added 2019/11/26 7:15 a.m.•116 views

CVE-2019-14890

A vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license.

8.4CVSS8.2AI score0.00054EPSS

CVE•added 2019/03/28 2:29 p.m.•94 views

CVE-2019-3869

When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges.

7.2CVSS7.1AI score0.00329EPSS

CVE•added 2019/01/03 2:29 p.m.•58 views

CVE-2018-16879

Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. This could lead in data leak of sensitive information such as passwords as well as denial of service attacks by deleting pr...

9.8CVSS9.1AI score0.00229EPSS