Ansible Tower Privilege Escalation: Trust Level Misconfiguration in PostgreSQL Deployment
CVE-2016-7070 · MEDIUM Severity
AV:A/AC:L/AU:S/C:P/I:P/A:P
A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.