Security Advisory

CVE-2019-3869

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-03-28 13:04:59

Last updated 2024-08-04 19:19:18

Assigner redhat

State PUBLISHED

Description

When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges.

← Browse all CVEs View on cve.org ↗