Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-10709

A security flaw was found in Ansible Tower when requesting an OAuth2 token with an OAuth2 application. Ansible Tower uses the token to provide authentication. This flaw allows an attacker to obtain a refresh token that does not expire. The original token granted to the user still has access to Ansible Tower, which allows any user that can gain access to the token to be fully authenticated to Ansible Tower. This flaw affects Ansible Tower versions before 3.6.4 and Ansible Tower versions before 3.5.6.

Published

2021-05-27T19:15:07.800

Last Modified

2024-11-21T04:55:53.943

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.1 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:N

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

3.9

Impact Score

4.9

Weaknesses

Type: Secondary
CWE-287
Type: Primary
CWE-287
CWE-613

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	redhat	ansible_tower	< 3.5.6	Yes
Application	redhat	ansible_tower	< 3.6.4	Yes

References

https://bugzilla.redhat.com/show_bug.cgi?id=1824033 Issue Tracking, Vendor Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=1824033 Issue Tracking, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)