Back to bug 1818924
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Borja Tarraso | 2020-03-30 17:39:29 UTC | Depends On | 1818925, 1818926, 1818927 | |
| Guilherme de Almeida Suckevicz | 2020-03-30 19:43:46 UTC | Summary | Tower: normal users can intercept stdout from jobs running in other organizations | CVE-2020-10698 Tower: normal users can intercept stdout from jobs running in other organizations |
| Alias | CVE-2020-10698 | |||
| Jeff Needle | 2020-03-31 14:32:42 UTC | CC | jneedle | |
| Doc Type | --- | If docs needed, set a value | ||
| RaTasha Tillery-Smith | 2020-03-31 14:35:08 UTC | Doc Text | A flaw was found in Ansible Tower when running jobs. An attacker could take advantage by accessing the stdout of the executed jobs which are run from other organizations. Some sensible data could be disclosed, however critical data must not be disclosed as it should be protected by no_log flag when debugging is enabled. | A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it should be protected by the no_log flag when debugging is enabled. |
| Doran Moppert | 2020-05-27 06:11:00 UTC | CC | dmoppert | |
| Red Hat Bugzilla | 2021-01-26 11:47:02 UTC | CC | gmainwar | |
| Red Hat Bugzilla | 2021-04-20 07:45:06 UTC | CC | rpetrell | |
| Red Hat Bugzilla | 2021-11-02 15:42:22 UTC | CC | notting | |
| Red Hat Bugzilla | 2021-12-15 11:50:49 UTC | CC | cmeyers | |
| Red Hat Bugzilla | 2023-07-07 08:30:49 UTC | Assignee | security-response-team | nobody |
Back to bug 1818924