Ansible Tower Privilege Escalation: Trust Level Misconfiguration in PostgreSQL Deployment

Ansible Tower Privilege Escalation: Trust Level Misconfiguration in PostgreSQL Deployment

CVE-2016-7070 · MEDIUM Severity

AV:A/AC:L/AU:S/C:P/I:P/A:P

A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.