PT-2018-4976 · Red Hat · Ansible Tower
Andrej Nemec · Published 2018-09-11 · Updated 2019-10-09 · CVE-2016-7070
CVSS v3.1: 8.0 (High)
Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Ansible Tower versions prior to 3.0.3
Description
A privilege escalation flaw was found in Ansible Tower, where it incorrectly configures the trust level of the postgres user when deploying a PostgreSQL database. This allows an attacker to gain admin-level access to the database.
Recommendations
For versions prior to 3.0.3, update to version 3.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the PostgreSQL database to minimize the risk of exploitation.
Fix
Incorrect Privilege Assignment
Related Identifiers
Affected Products
Ansible Tower