CVE-2020-10709
First published: Wed Apr 15 2020(Updated: )
A security flaw was found in Ansible Tower when requesting an OAuth2 token with an OAuth2 application. Ansible Tower uses the token to provide authentication. This flaw allows an attacker to obtain a refresh token that does not expire. The original token granted to the user still has access to Ansible Tower, which allows any user that can gain access to the token to be fully authenticated to Ansible Tower. This flaw affects Ansible Tower versions before 3.6.4 and Ansible Tower versions before 3.5.6.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Ansible Tower | <3.5.6 | |
| Redhat Ansible Tower | >=3.6.0<3.6.4 | |
| redhat/ansible_tower | <3.6.4 | 3.6.4 |
| redhat/ansible_tower | <3.5.6 | 3.5.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security flaw in Ansible Tower?
The vulnerability ID is CVE-2020-10709.
What is the severity of CVE-2020-10709?
The severity of CVE-2020-10709 is high with a CVSS score of 7.1.
How does the vulnerability in Ansible Tower occur?
The vulnerability occurs when requesting an OAuth2 token with an OAuth2 application in Ansible Tower.
What is the impact of this vulnerability in Ansible Tower?
The vulnerability allows an attacker to obtain a refresh token that does not expire, giving unauthorized access to Ansible Tower.
How can I fix the security flaw in Ansible Tower?
To fix the security flaw, update Ansible Tower to version 3.6.4 or 3.5.6, depending on your current version.
- collector/nvd-index
- collector/redhat-bugzilla
- alias/CVE-2020-10709
- vendor/redhat
- canonical/redhat ansible tower
- version/redhat ansible tower/3.6.0
- package-manager/redhat