Table of Contents
Red Hat CloudForms versions 4.5 and 4.6 ship an ansible-tower which correctly sets the security channel by default. Red Hat CloudForms version 4.7 ships ansible-tower 3.3.3 which already contains the fix.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||7.3|
|CVSS3 Base Metrics||CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H|
|Attack Vector||Adjacent Network|
Affected Packages State
|Red Hat Ansible Tower 3 for RHEL 7||ansible-tower-server||Affected|