Redhat Ansible Automation Platform Early Access vulnerabilities

CVE-2021-4112 [HIGH] CWE-552 CVE-2021-4112: A flaw was found in ansible-tower where the default installation is vulnerable to job isolation esca A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.

CVE-2021-3620 [MEDIUM] CWE-209 CVE-2021-3620: A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.