Vulnerability Description
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructure headers (such as X-Trusted-Proxy and X-Envoy-*) and event stream URLs via crafted requests and job templates. By exfiltrating these headers, an attacker could spoof trusted requests, escalate privileges, or perform malicious event injection.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Ansible Automation Platform | < 2.6 |
| Redhat | Ansible Developer | 1.2 |
| Redhat | Ansible Inside | 1.3 |
| Redhat | Enterprise Linux | 8.0 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2025:19201Vendor Advisory
- https://access.redhat.com/errata/RHSA-2025:19221Vendor Advisory
- https://access.redhat.com/errata/RHSA-2025:23069Vendor Advisory
- https://access.redhat.com/errata/RHSA-2025:23131Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-9908Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2392835Issue TrackingVendor Advisory
FAQ
What is CVE-2025-9908?
CVE-2025-9908 is a vulnerability with a CVSS score of 6.7 (MEDIUM). A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructu...
How severe is CVE-2025-9908?
CVE-2025-9908 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-9908?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Ansible Automation Platform, Redhat Ansible Developer, Redhat Ansible Inside, Redhat Enterprise Linux.