Page 7 of 59 results (0.013 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins. Una falta de comprobación de permisos en Jenkins Ansible Tower Plugin versión 0.9.1 y anteriores, en el método TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems permitió a los atacantes con permiso Overall/Read enumerar el ID de las credenciales almacenadas en Jenkins. • http://www.openwall.com/lists/oss-security/2019/04/30/5 http://www.securityfocus.com/bid/108159 https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355 • CWE-862: Missing Authorization •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A cross-site request forgery vulnerability in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins Una vulnerabilidad de tipo cross-site request forgery en Jenkins Ansible Tower Plugin versión 0.9.1 y anteriores en el método de comprobación de formulario TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection permitía a los atacantes permiso para conectarse a un URL especificada por el atacante mediante los identificadores de credenciales especificados por el atacante obtenidos por otro método, capturando las credenciales almacenadas en Jenkins • http://www.openwall.com/lists/oss-security/2019/04/30/5 http://www.securityfocus.com/bid/108159 https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355 https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Una falta de comprobación de permiso en Jenkins Ansible Tower plugin versión 0.9.1 y versiones anteriores en el método de comprobación de formulario TowerInstallationDescriptor#doTestTowerConnection permitía a los atacantes con permiso general y de lectura conectarse a un URL especificada por el atacante usando identificadores de credenciales especificados por el atacante obtenidos por otro método, capturando las credenciales almacenadas en Jenkins. • http://www.openwall.com/lists/oss-security/2019/04/30/5 http://www.securityfocus.com/bid/108159 https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355 • CWE-862: Missing Authorization •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges. Al ejecutar Tower, en versiones anteriores a la 3.4.3 en OpenShift o Kubernetes, las credenciales de aplicación se exponen a ejecuciones "playbook job" mediante variables de entorno. Un usuario malicioso capacitado para escribir playbooks podría utilizar esto para ganar privilegios de administrador. When running Tower on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3869 https://github.com/ansible/awx/pull/3505 https://access.redhat.com/security/cve/CVE-2019-3869 https://bugzilla.redhat.com/show_bug.cgi?id=1688508 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-214: Invocation of Process Using Visible Sensitive Information •

CVSS: 7.3EPSS: 0%CPEs: 17EXPL: 0

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Se ha observado que el operador forceput podía ser extraído del método DefineResource en ghostscript en las versiones anteriores a la 9.27. Un archivo PostScript especialmente manipulado podría explotar este error, por ejemplo, para obtener acceso al sistema de archivos fuera de las restricciones impuestas por -dSAFER. It was found that the forceput operator could be extracted from the DefineResource method. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00018.html http://packetstormsecurity.com/files/152367/Slackware-Security-Advisory-ghostscript-Updates.html https://access.redhat.com/errata/RHSA-2019:0652 https://access.redhat.com/errata/RHSA-2019:0971 https://bugs.ghostscript.com/show_bug.cgi?id=700576 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3838 https://lists.debian.org/debian-lts-announce/2 • CWE-648: Incorrect Use of Privileged APIs •