Описание
A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
Ссылки
- Issue TrackingVendor Advisory
- Release NotesVendor Advisory
- Issue TrackingVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
EPSS
8 High
CVSS3
5.2 Medium
CVSS2
Дефекты
Связанные уязвимости
A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
EPSS
8 High
CVSS3
5.2 Medium
CVSS2