{}

{}

{}

{"bugzilla": {"description": "event-driven-ansible: Event Stream Test Mode Exposes Sensitive Headers in AAP EDA", "id": "2392834", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392834"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-200", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-9907", "package_state": [{"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Affected", "package_name": "event-driven-ansible", "product_name": "Red Hat Ansible Automation Platform 2"}], "public_date": "2025-09-17T23:59:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-9907\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-9907"], "statement": "This issue is classified as Moderate because the exposure of sensitive headers, including client Authorization tokens and internal infrastructure values such as X-Trusted-Proxy, can lead to credential leakage and privilege escalation only after user forced mistake and with specific configuration. Exploitation does not require complex conditions\u2014any user with read access to the event stream can retrieve the headers once a request has been posted in test mode. Exploitation depends on either a user mistakenly sending credentials to the event stream endpoint or internal headers being injected when the wrong path is used. The persistence of captured headers further increases risk, as sensitive values remain accessible until explicitly overwritten or deleted.", "threat_severity": "Moderate"}

{}