While a Tower backup is running, files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server and knowledge of when a backup is run could retrieve every credential stored in Tower.
Acknowledgments: Name: Graham Mainwaring (Red Hat)
This issue has been addressed in the following products: Red Hat Ansible Tower 3.5 for RHEL 7 Via RHSA-2019:4242 https://access.redhat.com/errata/RHSA-2019:4242
This issue has been addressed in the following products: Red Hat Ansible Tower 3.6 for RHEL 7 Via RHSA-2019:4243 https://access.redhat.com/errata/RHSA-2019:4243
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-19341
Statement: Red Hat CloudForms 4.7 (5.10) release is not affected, because we do not run Ansible Tower backups from CloudForms.
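
The exposure in the flaw description above can be checked for on a host. This is an added example, not code from the advisory or from Tower: it reports entries under the backup directory that grant any permission to other users, and shows a generic private-staging pattern with `umask 077`. The function names are hypothetical, and the staging pattern is an assumed mitigation, not the fix shipped in the errata.

```shell
#!/bin/sh
# Added example. BACKUP_DIR defaults to the path named in the advisory;
# all function names are hypothetical.
BACKUP_DIR="${BACKUP_DIR:-/var/backup/tower}"

# Print every non-symlink entry under $1 that grants read, write or
# execute to "other". The files at issue exist only while a backup is
# running, so this has to be run during the backup window.
find_exposed() {
    find "$1" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) \
        -print 2>/dev/null
}

# Return 0 when nothing under $1 is accessible to "other", 1 when
# something is, 2 when the directory does not exist.
audit_backup_dir() {
    [ -d "$1" ] || { echo "no such directory: $1" >&2; return 2; }
    exposed=$(find_exposed "$1") || true
    if [ -n "$exposed" ]; then
        printf '%s\n' "$exposed" | sed 's/^/EXPOSED: /'
        return 1
    fi
    return 0
}

# Assumed mitigation pattern: create the staging directory as 0700.
# The umask change is confined to a subshell so the caller's umask
# is left untouched.
make_private_stage() {
    ( umask 077; mkdir -p "$1" && chmod 700 "$1" )
}

# Write stdin to a new file $1 with mode 0600, whatever the caller's umask.
write_private() {
    ( umask 077; cat > "$1" )
}

# Run as: sh script.sh --audit
if [ "${1:-}" = "--audit" ]; then
    audit_backup_dir "$BACKUP_DIR"
fi
```

A file that is world-readable inside a directory other users cannot traverse is not reachable by them, so read the report together with the permissions of the parent directories.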