CVE-2021-4112

HIGH Year: 2021
CVSS v3 Score
8.8
High
Weakness Type
CWE-552
View all →

Vulnerability Description

A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.

Related Vulnerabilities

CVE-2021-20182

HIGH
CVSS:8.8(High)

A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to th...

CWE-5522021

CVE-2022-25297

HIGH
CVSS:8.8(High)

This affects the package drogonframework/drogon before 1.7.5. The unsafe handling of file names during upload using HttpFile::save() method may enable attackers to write files to arbitrary locations o...

CWE-5522022

CVE-2022-32143

HIGH
CVSS:8.8(High)

In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller on...

CWE-5522022

CVE-2022-42234

HIGH
CVSS:8.8(High)

There is a file inclusion vulnerability in the template management module in UCMS 1.6

CWE-5522022

CVE-2023-20235

HIGH
CVSS:8.8(High)

A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to...

CWE-5522023

CVE-2023-39545

HIGH
CVSS:8.8(High)

CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to th...

CWE-5522023