CVE-2016-7070 is a vulnerability in Red Hat Ansible Tower
Published on September 11, 2018
A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
Weakness Type
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2016-7070
Want to know whenever a new CVE is published for Red Hat Ansible Tower? stack.watch will email you.
Affected Versions
Red Hat Ansible Tower Version 3.0.3 is affected by CVE-2016-7070Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.