CVE-2025-9908

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructure headers (such as X-Trusted-Proxy and X-Envoy-*) and event stream URLs via crafted requests and job templates. By exfiltrating these headers, an attacker could spoof trusted requests, escalate privileges, or perform malicious event injection.

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2025:19201	Vendor Advisory
https://access.redhat.com/errata/RHSA-2025:19221	Vendor Advisory
https://access.redhat.com/errata/RHSA-2025:23069	Vendor Advisory
https://access.redhat.com/errata/RHSA-2025:23131	Vendor Advisory
https://access.redhat.com/security/cve/CVE-2025-9908	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2392835	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:redhat:ansible_automation_platform::::::::
	cpe:2.3:a:redhat:ansible_developer:1.2:::::::*
	cpe:2.3:a:redhat:ansible_developer:1.3:::::::*
	cpe:2.3:a:redhat:ansible_inside:1.3:::::::*
	cpe:2.3:a:redhat:ansible_inside:1.4:::::::*

OR	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

History

25 Mar 2026, 20:19

Type	Values Removed	Values Added
References	~~() https://access.redhat.com/errata/RHSA-2025:19201 -~~	() https://access.redhat.com/errata/RHSA-2025:19201 - Vendor Advisory
References	~~() https://access.redhat.com/errata/RHSA-2025:19221 -~~	() https://access.redhat.com/errata/RHSA-2025:19221 - Vendor Advisory
References	~~() https://access.redhat.com/errata/RHSA-2025:23069 -~~	() https://access.redhat.com/errata/RHSA-2025:23069 - Vendor Advisory
References	~~() https://access.redhat.com/errata/RHSA-2025:23131 -~~	() https://access.redhat.com/errata/RHSA-2025:23131 - Vendor Advisory
References	~~() https://access.redhat.com/security/cve/CVE-2025-9908 -~~	() https://access.redhat.com/security/cve/CVE-2025-9908 - Vendor Advisory
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2392835 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2392835 - Issue Tracking, Vendor Advisory
Summary		(es) Se encontró una falla en Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. Esta vulnerabilidad permite a un usuario autenticado obtener acceso a encabezados de infraestructura interna sensibles (como X-Trusted-Proxy y X-Envoy-*) y URLs de flujo de eventos a través de solicitudes manipuladas y plantillas de trabajo. Al exfiltrar estos encabezados, un atacante podría suplantar solicitudes confiables, escalar privilegios o realizar inyección de eventos maliciosos.
First Time		Redhat Redhat enterprise Linux Redhat ansible Inside Redhat ansible Automation Platform Redhat ansible Developer
CPE		cpe:2.3:a:redhat:ansible_developer:1.2:::::::* cpe:2.3:a:redhat:ansible_inside:1.4:::::::* cpe:2.3:a:redhat:ansible_inside:1.3:::::::* cpe:2.3:a:redhat:ansible_developer:1.3:::::::* cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:a:redhat:ansible_automation_platform:::::::: cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
CWE		NVD-CWE-noinfo

27 Feb 2026, 08:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-27 08:17

Updated : 2026-03-25 20:19

NVD link : CVE-2025-9908

Mitre link : CVE-2025-9908

CVE.ORG link : CVE-2025-9908

JSON object : View

Products Affected

redhat

enterprise_linux
ansible_automation_platform
ansible_developer
ansible_inside

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo

6.7 /10