| Field | Value |
| --- | --- |
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2016-7070 |
| CWE-ID | CWE-264 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software | Ansible Tower (Web applications / Remote management & hosting panels) |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains one high risk vulnerability.
EUVDB-ID: #VU31217
Risk: High
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7070
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description: The vulnerability allows a remote authenticated user to execute arbitrary code.
A privilege escalation flaw was found in Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of the postgres user. An attacker could use this vulnerability to gain admin-level access to the database.
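The bulletin describes the flaw only as an incorrect "trust level" for the postgres user. In PostgreSQL, client authentication is governed by pg_hba.conf, and the `trust` method lets a matching client connect as the named role with no password. The audit below is an added example written for this page, not code from Ansible Tower or Red Hat, and it assumes (hypothetically) that the weak setting shows up as `trust` entries in pg_hba.conf; it parses a constructed sample, flags entries that grant passwordless access to the postgres superuser (rated higher when reachable from the network), and emits a hardened copy that swaps `trust` for a password method.

```python
"""Audit a pg_hba.conf for 'trust' entries reachable by the postgres superuser.

Added example for this bulletin; not Ansible Tower's or Red Hat's own code.
Assumption: the misconfiguration manifests as 'trust' auth in pg_hba.conf.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

LOOPBACK_NETS = (ipaddress.ip_network("127.0.0.0/8"),
                 ipaddress.ip_network("::1/128"))


@dataclass
class HbaRule:
    conn_type: str            # local, host, hostssl, hostnossl
    database: str
    user: str
    address: Optional[str]    # CIDR / keyword, or None for 'local' (Unix socket)
    method: str               # trust, md5, scram-sha-256, ...
    raw: str                  # the normalized source line


def parse_pg_hba(text: str) -> List[HbaRule]:
    """Parse the whitespace-separated pg_hba.conf format, ignoring comments."""
    rules: List[HbaRule] = []
    for line in text.splitlines():
        body = line.split("#", 1)[0].strip()
        if not body:
            continue
        f = body.split()
        if f[0] == "local" and len(f) >= 4:
            rules.append(HbaRule(f[0], f[1], f[2], None, f[3], body))
        elif f[0] in ("host", "hostssl", "hostnossl") and len(f) >= 5:
            rules.append(HbaRule(f[0], f[1], f[2], f[3], f[4], body))
    return rules


def covers_postgres(user_field: str) -> bool:
    """'all' matches every role; '+group' needs a catalog lookup, so flag it too."""
    return any(u in ("all", "postgres") or u.startswith("+")
               for u in user_field.split(","))


def reachable_remotely(rule: HbaRule) -> bool:
    """True unless the rule is limited to the Unix socket or loopback addresses."""
    if rule.conn_type == "local" or rule.address == "samehost":
        return False
    if rule.address in ("all", "samenet"):
        return True
    try:
        net = ipaddress.ip_network(rule.address, strict=False)
    except ValueError:
        return True   # hostnames etc.: cannot prove local, flag conservatively
    return not any(net.version == lb.version and net.subnet_of(lb)
                   for lb in LOOPBACK_NETS)


def audit(text: str) -> List[dict]:
    """Return every 'trust' rule that lets the postgres role in, with a severity."""
    findings = []
    for r in parse_pg_hba(text):
        if r.method != "trust" or not covers_postgres(r.user):
            continue
        severity = "high" if reachable_remotely(r) else "medium"
        findings.append({"rule": r.raw, "severity": severity})
    return findings


def harden(text: str, method: str = "scram-sha-256") -> str:
    """Rewrite flagged rules to require a password (md5 on PostgreSQL < 10)."""
    flagged = {f["rule"] for f in audit(text)}
    out = []
    for line in text.splitlines():
        body = line.split("#", 1)[0].strip()
        if body in flagged:
            fields = body.split()
            fields[3 if fields[0] == "local" else 4] = method
            out.append(" ".join(fields))
        else:
            out.append(line)
    return "\n".join(out) + "\n"


# Constructed sample modelled on a permissive deployment; not a real Tower file.
SAMPLE_PG_HBA = """\
# constructed sample pg_hba.conf
local   all   all                    trust
host    all   all   127.0.0.1/32     trust
host    all   all   0.0.0.0/0        trust
host    all   app   10.0.0.0/8       md5
"""

if __name__ == "__main__":
    for f in audit(SAMPLE_PG_HBA):
        print(f"[{f['severity']}] {f['rule']}")
    print(harden(SAMPLE_PG_HBA))
```

Run it against a real file with `audit(open("/var/lib/pgsql/data/pg_hba.conf").read())` (path varies by distribution); a `trust` entry for `all` or `postgres` on `0.0.0.0/0` is the case that matches the bulletin's "remote authenticated user via the local network". After editing pg_hba.conf the server must reload its configuration for the change to take effect.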
Mitigation: Install the update from the vendor's website.
Vulnerable software versions: Ansible Tower 3.0.1 - 3.0.2
External links:
http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7070
http://docs.ansible.com/ansible-tower/3.0.3/html/upgrade-migration-guide/release_notes.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.