Vulnerability CVE-2018-1101


Published: 2018-05-02

Description:
Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. System administrators that are members of organizations can have their passwords reset by organization administrators, allowing organization administrators access to the entire system.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: Redhat
Product: Cloudforms 
Version: 4.6;
Product: Ansible tower 
Version:
3.2.3
3.2.2
3.2.1
3.2.0
3.1.7
3.1.6
3.1.5
3.1.4
3.1.3
3.1.2
3.1.1
3.1.0
3.0.4
3.0.3
3.0.2
3.0.1
3.0
2.4.5
2.4.4
2.4.3
2.4.0
2.3.1
2.3.0
2.2.2
2.2.1
2.2.0
2.1.6
2.1.5
2.1.4
2.1.3
2.1.2
2.1.1
2.1
2.0.4
2.0.3
2.0.2
2.0.1
2.0.0
1.4.9
1.4.8
1.4.5
1.4.12
1.4.11
1.4.10
1.4.0
1.3.0
1.2.2

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.5/10
6.4/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://access.redhat.com/errata/RHSA-2018:1328
https://access.redhat.com/errata/RHSA-2018:1972
https://access.redhat.com/security/cve/cve-2018-1101
https://bugzilla.redhat.com/show_bug.cgi?id=1563492
https://www.ansible.com/security

Related CVE
CVE-2018-18359
Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2018-18347
Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page.
CVE-2018-18346
Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page.
CVE-2018-18343
Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18341
An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18340
Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18339
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18338
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Copyright 2018, cxsecurity.com

 

Back to Top