Tower
by Ansible
CVEs (21)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12148 | | High | 0.55 | 8.4 | 0.02 | | Jul 27, 2018 | A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a… |
| CVE-2016-7070 | | High | 0.52 | 8.0 | 0.01 | | Sep 11, 2018 | A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database. |
| CVE-2015-1482 | | | 0.04 | — | 0.09 | | Feb 4, 2015 | Ansible Tower (aka Ansible UI) before 2.0.5 allows remote attackers to bypass authentication and obtain sensitive information via a websocket connection to socket.io/1/. |
| CVE-2015-1481 | | | 0.03 | — | 0.06 | | Feb 4, 2015 | Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account. |
| CVE-2015-1368 | | | 0.03 | — | 0.05 | | Jan 27, 2015 | Multiple cross-site scripting (XSS) vulnerabilities in Ansible Tower (aka Ansible UI) before 2.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) order_by parameter to credentials/, (2) inventories/, (3) projects/, or (4) users/3/permissions/ in… |
| CVE-2021-20139 | | | 0.01 | — | 0.04 | | Dec 9, 2021 | An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted… |
| CVE-2021-20138 | | | 0.01 | — | 0.04 | | Dec 9, 2021 | An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted… |
| CVE-2021-20137 | | | 0.01 | — | 0.03 | | Dec 9, 2021 | A reflected cross-site scripting vulnerability exists in the url parameter of the /cgi-bin/luci/site_access/ page on the Gryphon Tower router's web interface. An attacker could exploit this issue by tricking a user into following a specially crafted link, granting the attacker… |
| CVE-2021-20142 | | | 0.01 | — | 0.04 | | Dec 9, 2021 | An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted… |
| CVE-2021-20141 | | | 0.01 | — | 0.04 | | Dec 9, 2021 | An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted… |
| CVE-2021-20140 | | | 0.01 | — | 0.04 | | Dec 9, 2021 | An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted… |
| CVE-2021-20144 | | | 0.01 | — | 0.04 | | Dec 9, 2021 | An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted… |
| CVE-2021-20143 | | | 0.01 | — | 0.04 | | Dec 9, 2021 | An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted… |
| CVE-2021-20145 | | | 0.00 | — | 0.01 | | Dec 9, 2021 | Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make… |
| CVE-2020-14329 | | | 0.00 | — | 0.00 | | May 27, 2021 | A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and also disclose… |
| CVE-2020-14328 | | | 0.00 | — | 0.00 | | May 27, 2021 | A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal services or exposing additional internal services and more particularly retrieving… |
| CVE-2020-14327 | | | 0.00 | — | 0.00 | | May 27, 2021 | A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to the connection to internal services or… |
| CVE-2020-10709 | | | 0.00 | — | 0.00 | | May 27, 2021 | A security flaw was found in Ansible Tower when requesting an OAuth2 token with an OAuth2 application. Ansible Tower uses the token to provide authentication. This flaw allows an attacker to obtain a refresh token that does not expire. The original token granted to the user… |
| CVE-2020-10698 | | | 0.00 | — | 0.00 | | May 27, 2021 | A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it should be protected by… |
| CVE-2020-10697 | | | 0.00 | — | 0.00 | | May 27, 2021 | A flaw was found in Ansible Tower when running Openshift. Tower runs a memcached, which is accessed via TCP. An attacker can take advantage of writing a playbook polluting this cache, causing a denial of service attack. This attack would not completely stop the service, but in… |