6 matches found
CVE-2026-11807 Eda-server: websocket missing authorization allows credential theft via activation_id spoofing
A missing authorization vulnerability was found in the Event-Driven Ansible EDA websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activationid to receive...
eda-server: websocket missing authorization allows credential theft via activation_id spoofing
A missing authorization vulnerability was found in the Event-Driven Ansible EDA websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activationid to receive...
CVE-2024-1657 Platform: insecure websocket used when interacting with eda server
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of...
CVE-2024-1657 Platform: insecure websocket used when interacting with eda server
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of...
CVE-2024-1657
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of...
Red Hat Ansible Automation Platform Security Vulnerability
Red Hat Ansible Automation is a software application from Red Hat, Inc. It provides a means to automate all aspects of an infrastructure, from servers and network devices to operating systems, applications, and security. A security vulnerability exists in Red Hat Ansible Automation Platform that...