Rewterz Threat Advisory – Multiple Mozilla Security Vulnerabilities
April 12, 2021Rewterz Threat Alert – Trickbot Malware- Active IOCs
April 12, 2021Rewterz Threat Advisory – Multiple Mozilla Security Vulnerabilities
April 12, 2021Rewterz Threat Alert – Trickbot Malware- Active IOCs
April 12, 2021Severity
Medium
Analysis Summary
CVE-2021-3447
Red Hat Ansible Automation Platform and Ansible Tower could allow a remote authenticated attacker to obtain sensitive information, caused by the storage of user credentials in plain-text on managed nodes. By gaining access to the log files, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system.
Impact
Information Disclosure
Affected Vendors
RedHat
Affected Products
- Red Hat Ansible Automation Platform 1.2 for RHEL 7
- Red Hat Ansible Tower 3
- Red Hat Ansible Engine 2
Remediation
Refer to Red Hat Web site for patch, upgrade or suggested workaround information.