A vulnerability was found in Ansible Tower prior to 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat ansible tower 3.6.0 |