CNNVD-202510-4485 Information

CNNVD ID

CNNVD-202510-4485

Related CVE

CVE-2025-9908

• CNNVD Published: 2025-10-28

Description (Chinese)

Red Hat Ansible Automation Platform（Red Hat AAP）是美国红帽（Red Hat）公司的一款实现战略性自动化的统一解决方案。 Red Hat Ansible Automation Platform（Red Hat AAP）存在安全漏洞，该漏洞源于可通过EDA Event Streams Internal Headers绕过访问限制，可能导致读取敏感信息。

Description (English)

Red Hat Automation Platform (Red Hat AAP) is a unified solution to strategic automation by Red Hat. Red Hat Ansible Automation Platform (Red Hat AAP) has a security loophole, which stems from access restrictions that can be bypassed through EDA Event Streams Internal Headers, which may lead to access to sensitive information.

Vulnerability Type

其他

Published

2025-10-28

Last Modified

2026-02-24

References

https://vigilance.fr/vulnerability/Red-Hat-Ansible-Automation-Platform-information-disclosure-via-EDA-Event-Streams-Internal-Headers-48603

Patch

https://access.redhat.com/errata/RHSA-2025:23069