CVE-2025-9909

CWE-6474 documents4 sources

Severity

6.7MEDIUM

EPSS

0.0%

top 99.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Ansible Automation Platform Redhat Ansible Developer Redhat Ansible Inside

Timeline

PublishedFeb 27

Description

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a honey-pot route to intercept and exfiltrate user credentials, potentially maintaining persistent access or creating a backdoor even after their permissions are revoked.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages3 packages

▶NVDredhat/ansible_automation_platform< 2.6

▶NVDredhat/ansible_inside1.3, 1.4+1

▶NVDredhat/ansible_developer1.2, 1.3+1

🔴Vulnerability Details

GHSA

GHSA-2fx4-vwf2-pw99: A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component↗2026-02-27

▶

CVEList

Aap-gateway: improper path validation in gateway allows credential exfiltration↗2026-02-27

▶

📋Vendor Advisories

Red Hat

aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration↗2025-09-17

▶