Permissions, Privileges, and Access Controls in Ansible Tower



Published: 2018-09-11 | Updated: 2020-07-17
Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2016-7070
CWE-ID CWE-264
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe 		Ansible Tower
Web applications / Remote management & hosting panels

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU31217

Risk: High

CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7070

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to execute arbitrary code.

A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Ansible Tower: 3.0.1 - 3.0.2

External links

http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7070
http://docs.ansible.com/ansible-tower/3.0.3/html/upgrade-migration-guide/release_notes.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###