Bug 1563492 (CVE-2018-1101)

Summary: CVE-2018-1101 ansible-tower: Privilege escalation flaw allows for organization admins to obtain system privileges
Product: [Other] Security Response
Reporter: Sam Fowler <sfowler>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: high
Priority: high
Version: unspecified
CC: cpelland, dajohnso, gblomqui, gmccullo, gtanzill, hhudgeon, jfrey, jhardy, jprause, obarenbo, roliveri, rpetrell, security-response-team, simaishi
Keywords: Security
Hardware: All
OS: Linux
Fixed In Version: ansible-tower 3.1.6, ansible-tower 3.2.4
Doc Text:
Ansible Tower, before version 3.2.4, has a flaw in the management of system and organization administrators that allows for privilege escalation. System administrators that are members of organizations can have their passwords reset by organization administrators, allowing organization administrators access to the entire system.
Last Closed: 2019-06-10 10:19:33 UTC
Bug Depends On: 1572745, 1572746
Bug Blocks: 1563493

Description Sam Fowler 2018-04-04 02:34:16 UTC
Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. System administrators that are members of organizations can have their passwords reset by organization administrators, allowing organization administrators access to the entire system.

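The following Python is an added illustration of the authorization decision the description above refers to; it is not Ansible Tower's (or AWX's) code, and the `User`/`Organization` model, the function names and the sample accounts are hypothetical, constructed for this example. It contrasts a reset-password check that only asks "is the actor an admin of an organization the target belongs to" with one that additionally refuses when the target is a superuser, and adds a small audit that lists which superusers on a given install would be reachable by non-superuser organization admins, which is the question an operator wants answered before patching to 3.1.6 / 3.2.4.

```python
"""Added illustration (not Ansible Tower's code) of the authorization gap behind
CVE-2018-1101 and of the check that closes it. The data model, function names
and sample data below are hypothetical and constructed for this example."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class User:
    name: str
    is_superuser: bool = False          # Tower "System Administrator" flag


@dataclass
class Organization:
    name: str
    admins: set = field(default_factory=set)   # usernames holding the org admin role
    members: set = field(default_factory=set)  # every username in the org, admins included


def _is_org_admin_over(actor: User, target: User, orgs: list) -> bool:
    """True if actor administers at least one organization target belongs to."""
    return any(actor.name in o.admins and target.name in o.members for o in orgs)


def can_reset_password_vulnerable(actor: User, target: User, orgs: list) -> bool:
    """Hypothetical reconstruction of the flawed decision: a superuser may reset
    anyone, and an org admin may reset any member of an org they administer.
    The target's superuser flag is never consulted, so an org admin can reset
    the password of a System Administrator who is merely a member of the org."""
    if actor.is_superuser:
        return True
    return _is_org_admin_over(actor, target, orgs)


def can_reset_password_fixed(actor: User, target: User, orgs: list) -> bool:
    """Hardened decision: only a superuser may change a superuser's password.
    Ordinary members are still manageable by their org admins."""
    if actor.is_superuser:
        return True
    if target.is_superuser:
        return False
    return _is_org_admin_over(actor, target, orgs)


def exposed_superusers(users: list, orgs: list) -> dict:
    """Audit helper: for each superuser that is a member of some organization,
    list the non-superuser org admins who could reset its password on an
    unpatched install. An empty result means no account is exposed."""
    by_name = {u.name: u for u in users}
    exposed = {}
    for u in users:
        if not u.is_superuser:
            continue
        attackers = set()
        for o in orgs:
            if u.name in o.members:
                attackers |= {a for a in o.admins
                              if a in by_name and not by_name[a].is_superuser}
        if attackers:
            exposed[u.name] = sorted(attackers)
    return exposed


# Constructed sample data: one superuser who is also an ordinary member of "ops",
# one org admin without system privileges, and one plain member.
ROOT = User("root", is_superuser=True)
ALICE = User("alice")
BOB = User("bob")
USERS = [ROOT, ALICE, BOB]
ORGS = [Organization("ops", admins={"alice"}, members={"alice", "bob", "root"})]

if __name__ == "__main__":
    print("vulnerable check, alice -> root:", can_reset_password_vulnerable(ALICE, ROOT, ORGS))
    print("fixed check,      alice -> root:", can_reset_password_fixed(ALICE, ROOT, ORGS))
    print("fixed check,      alice -> bob: ", can_reset_password_fixed(ALICE, BOB, ORGS))
    print("exposed superusers:", exposed_superusers(USERS, ORGS))
```

The audit is the useful part for an operator: on the constructed data it reports that `root` can be reset by `alice`, and the interim mitigation the description implies is exactly to make that dict empty, either by removing system administrators from organizations or by stripping non-superuser accounts of the organization admin role until the fixed release is installed.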
Comment 2 Kurt Seifried 2018-05-02 16:04:43 UTC
This is now public: https://www.ansible.com/security

Comment 3 Kurt Seifried 2018-05-02 16:06:04 UTC
This issue has been addressed in Ansible Tower releases 3.1.6 and 3.2.4; for more information please see https://www.ansible.com/security

Comment 5 Borja Tarraso 2018-05-03 06:21:45 UTC
Acknowledgments:

Name: Graham Mainwaring (Red Hat)

Comment 6 errata-xmlrpc 2018-05-07 20:42:22 UTC
This issue has been addressed in the following products:

  CloudForms Management Engine 5.9

Via RHSA-2018:1328 https://access.redhat.com/errata/RHSA-2018:1328

Comment 7 errata-xmlrpc 2018-06-25 14:16:54 UTC
This issue has been addressed in the following products:

  CloudForms Management Engine 5.8

Via RHSA-2018:1972 https://access.redhat.com/errata/RHSA-2018:1972