Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Critical: Red Hat Ansible Tower 3.6.1-1 - EL7 Container

Related Vulnerabilities: CVE-2019-14890   CVE-2019-14890   CVE-2019-14890  

Source

Synopsis

Critical: Red Hat Ansible Tower 3.6.1-1 - EL7 Container

Type/Severity

Security Advisory: Critical

Topic

Red Hat Ansible Tower 3.6.1-1 - EL7 Container

Description

Ansible Tower Version 3.6.1

  • ----------------------------
  • Fixed accidental disclosure of Red Hat username and password in
    /api/v2/config (CVE-2019-14890)
  • Fixed upgrade failure with bundled installer
  • Fixed license check error when reinstalling over a partially-installed
    Tower
  • Fixed database restore when using a PostgreSQL pod
  • Fixed error when CA data was missing for a container group credential
  • Fixed error when a container group job was launched when Tower was out
    of capacity
  • Fixed a few minor issues in the AWX modules collection

Solution

For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html

Affected Products

  • Red Hat Ansible Tower 3.6 x86_64

Fixes

  • BZ - 1773622 - CVE-2019-14890 Tower: RHSM username and password exposed after license application

CVEs

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started