Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-4112

Опубликовано: 25 авг. 2022
Источник: nvd
CVSS3: 8.8
EPSS Низкий

Описание

A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:ansible_automation_platform_early_access:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_automation_platform_text-only_advisories:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_automation_platform:2.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 26%
0.0009
Низкий

8.8 High

CVSS3

Дефекты

CWE-552
CWE-552

Связанные уязвимости

redhat логотип

CVE-2021-4112

CVSS3: 8.8
redhat
около 4 лет назад

A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.

github логотип

GHSA-2q78-vv73-5vr2

CVSS3: 8.8
github
больше 3 лет назад

A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.

EPSS

Процентиль: 26%
0.0009
Низкий

8.8 High

CVSS3

Дефекты

CWE-552
CWE-552