CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19341 – Tower: intermediate files during Tower backup are world-readable
https://notcve.org/view.php?id=CVE-2019-19341
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credential stored in Tower. Access to data is the highest threat with this vulnerability. Se encontró un fallo en Ansible Tower, versiones 3.6.x anteriores a 3.6.2, donde los archivos en "/var/backup/tower" pueden ser world-readable. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19341 https://access.redhat.com/security/cve/CVE-2019-19341 https://bugzilla.redhat.com/show_bug.cgi?id=1782625 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14890 – Tower: RHSM username and password exposed after license application
https://notcve.org/view.php?id=CVE-2019-14890
A vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license. Se encontró una vulnerabilidad en Ansible Tower anterior de la versión 3.6.1, donde un atacante con pocos privilegios podía recuperar nombres de usuario y credenciales de contraseñas del nuevo RHSM guardado en texto plano en la base de datos en '/ api / v2 / config' al aplicar la licencia de Ansible Tower. A flaw was found in Ansible Tower where the RHSM credentials are saved in plain text in the database that is available at '/api/v2/config' after applying the Ansible Tower license. Attackers with this information could log into RHSM and modify licenses and make other changes. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14890 https://access.redhat.com/security/cve/CVE-2019-14890 https://bugzilla.redhat.com/show_bug.cgi?id=1773622 • CWE-312: Cleartext Storage of Sensitive Information •