1597069 – (CVE-2018-10884) CVE-2018-10884 ansible-tower: CSRF in awx/api/authentication.py allows for hijacking of the authtoken cookie

Bug 1597069 (CVE-2018-10884) - CVE-2018-10884 ansible-tower: CSRF in awx/api/authentication.py allows for hijacking of the authtoken cookie

Summary: CVE-2018-10884 ansible-tower: CSRF in awx/api/authentication.py allows for hi...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2018-10884
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1603086 1603087 1603088
Blocks:	1597071
TreeView+	depends on / blocked

Reported:	2018-07-02 01:28 UTC by Sam Fowler
Modified:	2021-10-25 09:48 UTC (History)
CC List:	20 users (show)
Fixed In Version:	tower 3.1.8, tower 3.2.6
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-10-25 09:48:14 UTC
Embargoed:

Attachments	(Terms of Use)

Description Sam Fowler 2018-07-02 01:28:44 UTC

Ansible Tower versions before 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. An attacker could exploit this by tricking already authenticated users into visiting a malicious site and hijacking the authtoken cookie.

Comment 4 Borja Tarraso 2018-08-14 13:39:22 UTC

Acknowledgments:

Name: Chris Meyers (Red Hat)

Note You need to log in before you can comment on or make changes to this bug.

abhgupta
btarraso
cpelland
dajohnso
dbaker
dmetzger
gblomqui
gmccullo
gtanzill
jhardy
jlaska
jokerman
jprause
kdixon
psampaio
roliveri
security-response-team
simaishi
sthangav
trankin