{"containers": {"cna": {"affected": [{"product": "Tower", "vendor": "n/a", "versions": [{"status": "affected", "version": "ansible_tower 3.6.4, ansible_tower 3.5.6, ansible_tower 3.4.6"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it should be protected by the no_log flag when debugging is enabled. This flaw affects Ansible Tower versions before 3.6.4, Ansible Tower versions before 3.5.6 and Ansible Tower versions before 3.4.6."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-27T18:45:51", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818924"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-10698", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Tower", "version": {"version_data": [{"version_value": "ansible_tower 3.6.4, ansible_tower 3.5.6, ansible_tower 3.4.6"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it should be protected by the no_log flag when debugging is enabled. This flaw affects Ansible Tower versions before 3.6.4, Ansible Tower versions before 3.5.6 and Ansible Tower versions before 3.4.6."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1818924", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818924"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:06:11.170Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818924"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-10698", "datePublished": "2021-05-27T18:45:51", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:06:11.170Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", "matchCriteriaId": "50566FBA-06F5-461A-A9A5-87E9FC98B085", "versionEndExcluding": "3.4.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", "matchCriteriaId": "90C46E3E-82AF-4E9F-AB9A-856988169454", "versionEndExcluding": "3.5.6", "versionStartIncluding": "3.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1299B71-D05C-4871-ABC0-F70AA3730FFB", "versionEndExcluding": "3.6.4", "versionStartIncluding": "3.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it should be protected by the no_log flag when debugging is enabled. This flaw affects Ansible Tower versions before 3.6.4, Ansible Tower versions before 3.5.6 and Ansible Tower versions before 3.4.6."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en Ansible Tower cuando se ejecutan trabajos. Este fallo permite a un atacante acceder a la salida est\u00e1ndar de los trabajos realizados que son ejecutados desde otras organizaciones. Algunos datos confidenciales pueden ser divulgados. Sin embargo, los datos cr\u00edticos no deben divulgarse, ya que deben estar protegidos por el indicador no_log cuando la depuraci\u00f3n est\u00e1 habilitada. Este fallo afecta a Ansible Tower versiones anteriores a 3.6.4, Ansible Tower versiones anteriores a 3.5.6 y Ansible Tower versiones anteriores a 3.4.6"}], "id": "CVE-2020-10698", "lastModified": "2024-11-21T04:55:52.647", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-27T19:15:07.727", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818924"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818924"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Ryan Petrello (Red Hat).", "bugzilla": {"description": "Tower: normal users can intercept stdout from jobs running in other organizations", "id": "1818924", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818924"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-200", "details": ["A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it should be protected by the no_log flag when debugging is enabled. This flaw affects Ansible Tower versions before 3.6.4, Ansible Tower versions before 3.5.6 and Ansible Tower versions before 3.4.6.", "A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it should be protected by the no_log flag when debugging is enabled."], "mitigation": {"lang": "en:us", "value": "This issue is possible to mitigate by disabling the stdout from jobs run through the nginx configuration file. However this may affect the usage of Tower as stdout stream would be hidden. To disable the output of running jobs the entire 'location /websocket' block from the nginx configuration (and restarting nginx service) it would be required. Nginx will stop serving /websocket by 404 HTTP code return."}, "name": "CVE-2020-10698", "package_state": [{"cpe": "cpe:/a:redhat:ansible_tower:3", "fix_state": "Affected", "package_name": "ansible", "product_name": "Red Hat Ansible Tower 3"}], "public_date": "2020-03-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-10698\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10698"], "statement": "Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.", "threat_severity": "Low", "upstream_fix": "ansible_tower 3.6.4, ansible_tower 3.5.6, ansible_tower 3.4.6"}