Red Hat · Ansible Tower · CVE-2015-1368
**Name of the Vulnerable Software and Affected Versions**
Ansible Tower versions prior to 2.0.5
**Description**
The issue is a cross-site scripting (XSS) flaw: remote attackers can inject arbitrary web script or HTML via the `order_by` parameter to several endpoints under "api/v1/", such as "credentials/", "inventories/", "projects/", or "users/3/permissions/", or via the `next_run` parameter to "api/v1/schedules/".
**Recommendations**
For versions prior to 2.0.5, update to version 2.0.5 or later to resolve the issue. As a temporary workaround until the update is applied, consider restricting access to the affected API endpoints, such as "api/v1/credentials/", "api/v1/inventories/", "api/v1/projects/", "api/v1/users/3/permissions/", and "api/v1/schedules/", and avoid passing the `order_by` and `next_run` parameters to those endpoints until the issue is resolved.