Back to bug 1969265
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Yadnyawalk Tale | 2021-06-08 06:03:36 UTC | Depends On | 1969271 | |
| Yadnyawalk Tale | 2021-06-08 11:01:05 UTC | Summary | foreman_ansible: Unauthecated host access through job_template | foreman_ansible: Unauthenticated host access through job_template |
| RaTasha Tillery-Smith | 2021-06-15 15:29:46 UTC | Summary | foreman_ansible: Unauthenticated host access through job_template | CVE-2021-3589 foreman_ansible: Unauthenticated host access through job_template |
| Alias | CVE-2021-3589 | |||
| Blocks | 1969837 | |||
| Doc Text | Foreman Ansible is vulnerable to the authorization flaw. A authenticated attacker with certain permissions to create and run Ansible jobs is able to access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||
| Tomer Brisker | 2021-12-14 09:23:51 UTC | CC | tbrisker | |
| Red Hat Bugzilla | 2022-07-18 09:51:23 UTC | CC | mmccune | |
| Yadnyawalk Tale | 2022-11-23 17:33:36 UTC | Doc Type | --- | If docs needed, set a value |
| Yadnyawalk Tale | 2023-02-08 09:35:45 UTC | Summary | CVE-2021-3589 foreman_ansible: Unauthenticated host access through job_template | CVE-2021-3589 foreman_ansible: authenticated user can access host through job_template |
| Yadnyawalk Tale | 2023-02-08 09:39:29 UTC | Comment | 0 | updated |
| Red Hat Bugzilla | 2023-03-02 08:27:53 UTC | CC | myarboro | |
| Red Hat Bugzilla | 2023-05-15 20:19:03 UTC | CC | btotty | |
| Red Hat Bugzilla | 2023-07-07 08:31:04 UTC | Assignee | security-response-team | nobody |
Back to bug 1969265