VYPR
Unrated severityNVD Advisory· Published Mar 28, 2019· Updated Aug 4, 2024

CVE-2019-3869

CVE-2019-3869

Description

When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ansible/AWXllm-create
    Range: <3.4.3
  • Red Hat/Towerv5
    Range: 3.3.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.