CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-4112

A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.5%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2021-4112

Redhat » Ansible Automation Platform » Version: 2.0

cpe:2.3:a:redhat:ansible_automation_platform:2.0
Redhat » Ansible Automation Platform » Version: 2.1

cpe:2.3:a:redhat:ansible_automation_platform:2.1
Redhat » Ansible Automation Platform Early Access » Version: 2.0

cpe:2.3:a:redhat:ansible_automation_platform_early_access:2.0
Redhat » Ansible Automation Platform Text-Only Advisories » Version: N/A

cpe:2.3:a:redhat:ansible_automation_platform_text-only_advisories:-
Redhat » Ansible Tower » Version: 3.0

cpe:2.3:a:redhat:ansible_tower:3.0
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-4112

Products

Pricing

Contact Us