Redhat: >> Ansible Automation Platform Early Access >> 2.0 Security Vulnerabilities
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.
CVSS Score
8.8
EPSS Score
0.0
Published
2022-08-25
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
CVSS Score
5.5
EPSS Score
0.002
Published
2022-03-03