A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape allowing an attacker to elevate the privilege from a low privileged user to the awx user from outside the isolated environment. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2021-03-09T17:14:28
Updated: 2024-08-03T17:37:22.981Z
Reserved: 2020-12-17T00:00:00
Link: CVE-2021-20253
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-03-09T18:15:15.157
Modified: 2024-11-21T05:46:13.100
Link: CVE-2021-20253
Redhat