CNNVD-202602-1060 Information
CNNVD ID
CNNVD-202602-1060
Related CVE
- CNNVD Published: 2026-02-06
Description (Chinese)
Red Hat Ansible Automation Platform 2是美国红帽(Red Hat)公司的一款构建、部署和管理自动化的软件。 Red Hat Ansible Automation Platform 2存在安全漏洞,该漏洞源于处理AI聊天交互的对话端点未正确验证会话标识符是否属于发出请求的已认证用户,可能导致拥有有效凭据的攻击者访问或影响其他用户的对话,从而暴露敏感数据或进行未授权操作。
Description (English)
Red Hat Automation Platform 2 is an automated software for the construction, deployment and management of Red Hat. Red Hat Ansible Automation Platform 2 had a security loophole, which stemmed from the incorrect validation of the dialogue endpoint for the processing of AI chats as a certified user of the request, which could lead to effective evidence-based attackers accessing or influencing conversations with other users, thereby exposing sensitive data or performing unauthorized operations.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
红帽
Published
2026-02-06
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2026-0598 https://bugzilla.redhat.com/show_bug.cgi?id=2427094
Share on: