RHSA-2026:28440
Vulnerability from csaf_redhat - Published: 2026-06-23 17:29 - Updated: 2026-07-15 14:34Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.7 Container Release Update
Severity
Critical
Notes
Topic: An update is now available for Red Hat Ansible Automation Platform 2.7
Details: Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
For details about this release, refer to the release notes listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activation_id to receive plaintext credentials associated with that activation, including OAuth tokens, vault passwords, and SSH keys.
9.6 (Critical)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64 | — |
Workaround
|
Threats
Impact
Critical
References
9 references
Acknowledgments
Red Hat, Inc.
Chris Meyers
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.7",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nFor details about this release, refer to the release notes listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:28440",
"url": "https://access.redhat.com/errata/RHSA-2026:28440"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-11807",
"url": "https://access.redhat.com/security/cve/CVE-2026-11807"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7/whats_new-async_updates",
"url": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7/whats_new-async_updates"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_28440.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.7 Container Release Update",
"tracking": {
"current_release_date": "2026-07-15T14:34:46+00:00",
"generator": {
"date": "2026-07-15T14:34:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.6"
}
},
"id": "RHSA-2026:28440",
"initial_release_date": "2026-06-23T17:29:16+00:00",
"revision_history": [
{
"date": "2026-06-23T17:29:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-23T17:29:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-15T14:34:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.7",
"product": {
"name": "Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.7::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel9-operator@sha256%3A6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator\u0026tag=1781655299"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel9@sha256%3Ace0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9\u0026tag=1781733327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256%3A1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=1781768160"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256%3A56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=1781768160"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel9@sha256%3Aae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9\u0026tag=1781730525"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel9-operator@sha256%3A0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator\u0026tag=1781655299"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel9@sha256%3A518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9\u0026tag=1781733327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel9@sha256%3A5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9\u0026tag=1781730525"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Chris Meyers"
],
"organization": "Red Hat, Inc.",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-11807",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2026-06-09T15:42:49.367000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487036"
}
],
"notes": [
{
"category": "description",
"text": "A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activation_id to receive plaintext credentials associated with that activation, including OAuth tokens, vault passwords, and SSH keys.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "eda-server: websocket missing authorization allows credential theft via activation_id spoofing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64"
],
"known_not_affected": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-11807"
},
{
"category": "external",
"summary": "RHBZ#2487036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-11807",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-11807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11807"
}
],
"release_date": "2026-06-23T14:27:28.309000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:29:16+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7#Upgrade",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28440"
},
{
"category": "workaround",
"details": "The following practices would help for reducing or avoiding the exposure to this flaw:\n\n1) Restrict network access to the EDA websocket endpoint.\n2) Review and limit user accounts with any level of Ansible Automation Platform authentication until the fix is applied.",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:0fc501f79b57632a0afa165ae50384964d6d8f0c22b69f09b4d5a687bd15f402_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:6208fb3fc2eaaa3fec1f2716bcd2d3db8b3f60cbb2f5b0a0f781026bf2465b4e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:5534ffce8512326cfaf5f951995a5d48454f3565dde5ea6368839f245c6d3346_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:ae3eae342e9f09fad3bbf16170189d97c8930d63b08d3026651f62620fea558c_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:518645014efff9714835adf0b614cce22236d7a50675d8f24e699118d2f9b649_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:ce0bfcfe8bd8fbec9bd4ef127f97b0035e540eb7ead15ba572ed9a8ce2894af8_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:1d7336a746b35764d705c3a68f0f0e2a8426eaa1e75f504b193900fcdcdb80ec_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:56c701ab118c1b91ff55af524e69d2c8970784c185e13950fc13b3ff495f05d2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "eda-server: websocket missing authorization allows credential theft via activation_id spoofing"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…