Vulnerabilities > Redhat > Ansible Tower > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-02 CVE-2018-1104 Code Injection vulnerability in Redhat Ansible Tower
Ansible Tower through version 3.2.3 has a vulnerability that allows users only with access to define variables for a job template to execute arbitrary code on the Tower server.
network
low complexity
redhat CWE-94
8.8
2018-05-02 CVE-2018-1101 Weak Password Requirements vulnerability in Redhat Ansible Tower
Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation.
network
low complexity
redhat CWE-521
7.2