Описание
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a honey-pot route to intercept and exfiltrate user credentials, potentially maintaining persistent access or creating a backdoor even after their permissions are revoked.
Отчет
This issue is classified as Moderate because exploitation requires the attacker to have administrative access (or successfully social engineer a legitimate admin). A malicious or tricked admin can create a deceptive route with a double-slash path that captures user credentials in cleartext, potentially allowing persistent backdoor access even after the admin’s permissions are revoked. The gateway does not normalize or validate these paths, meaning normal users cannot detect the attack through ordinary API use. Although an attacker cannot exploit this without access to route creation, the combination of privileged requirements and complete credential exposure makes this a moderate severity risk in any environment where multiple users rely on gateway authentication.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Дополнительная информация
Статус:
EPSS
6.7 Medium
CVSS3
Связанные уязвимости
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a honey-pot route to intercept and exfiltrate user credentials, potentially maintaining persistent access or creating a backdoor even after their permissions are revoked.
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a honey-pot route to intercept and exfiltrate user credentials, potentially maintaining persistent access or creating a backdoor even after their permissions are revoked.
EPSS
6.7 Medium
CVSS3