Описание
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.
Меры по смягчению последствий
Red Hat has investigated whether possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.
EPSS
8.8 High
CVSS3