CVE-2019-19340

CVSS 8.2 HIGH · EPSS 1.5% · CWE-1188
In short

Ansible Tower exposes the RabbitMQ management interface to the public internet when the rabbitmq_enable_manager configuration option is enabled, and if the default admin credentials are unchanged, an attacker can guess the password and take control of the messaging system.

Technical detail

When the RabbitMQ manager is enabled via the rabbitmq_enable_manager configuration parameter in Ansible Tower 3.5.x before 3.5.3 and 3.6.x before 3.6.2, the management interface becomes publicly accessible without network restrictions. If the default admin credentials remain unchanged, an attacker can perform brute-force or dictionary attacks to authenticate, potentially gaining administrative access to RabbitMQ and compromising system integrity and availability.

Summary generated and translated by AI from the official description.

Official description

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could guess the password and gain access to the system.

CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Affected products
Red Hat · Tower