VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
>
Ansible Tower
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-05-27
CVE-2020-14327
Unspecified vulnerability in Redhat Ansible Tower
A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2.
local
low complexity
redhat
5.5
5.5
2021-05-27
CVE-2020-10697
Unspecified vulnerability in Redhat Ansible Tower
A flaw was found in Ansible Tower when running Openshift.
local
low complexity
redhat
4.4
4.4
2021-05-26
CVE-2021-20191
A flaw was found in ansible.
local
low complexity
oracle
redhat
5.5
5.5
2021-05-26
CVE-2021-20178
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module.
local
low complexity
redhat
fedoraproject
5.5
5.5
2021-04-01
CVE-2021-3447
A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode.
local
low complexity
redhat
fedoraproject
5.5
5.5
2021-03-09
CVE-2021-20253
Unspecified vulnerability in Redhat Ansible Tower
A flaw was found in ansible-tower.
local
high complexity
redhat
6.7
6.7
2020-07-31
CVE-2020-14337
Information Exposure Through an Error Message vulnerability in Redhat Ansible Tower 3.0.0
A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes.
network
low complexity
redhat
CWE-209
5.8
5.8
2020-06-18
CVE-2020-10782
Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Ansible Tower 3.7.0
An exposure of sensitive information flaw was found in Ansible version 3.7.0.
local
low complexity
redhat
CWE-732
6.5
6.5
2020-05-15
CVE-2020-10744
Race Condition vulnerability in Redhat Ansible and Ansible Tower
An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive.
local
high complexity
redhat
CWE-362
5.0
5.0
2020-05-12
CVE-2020-1746
A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used.
local
low complexity
redhat
debian
5.0
5.0
«
1
(current)
2
3
4
»
Next