CVE-2017-7528
published 2018-08-22CVE-2017-7528: Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal…
medium6.5CVSS 3.0
AVAACLPRNUINSUCNIHAN
Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal servers to deploy other systems (using callback).
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| red_hat | ansible_tower | — | — |
| redhat | cloudforms_management_engine | — | — |