← volver
CVE-2020-14329

CVE-2020-14329

EPSS 0.3%CWE-200
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
27 may 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and also disclose organization names. The highest threat from this vulnerability is to confidentiality.
Productos afectados
n/a · Tower