A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HRed Hat Ansible Automation Platform
APPRedhat2.02.1Red Hat Ansible Automation Platform Early Access
APPRedhat2.0Red Hat Ansible Automation Platform Text Only Advisories
APPRedhatwszystkie wersjeRed Hat Ansible Tower
APPRedhat3.0Red Hat Enterprise Linux
OSRedhat8.0
Powiązane podatności
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserReso...
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the...
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variab...