2 matches found
CVE-2024-11483 Automation-gateway: aap-gateway: improper scope handling in oauth2 tokens for aap 2.5
A vulnerability was found in the Ansible Automation Platform AAP. This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansiblebase.oauth2provider for OAuth2 authentication. While th...
CVE-2024-11483 Automation-gateway: aap-gateway: improper scope handling in oauth2 tokens for aap 2.5
A vulnerability was found in the Ansible Automation Platform AAP. This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansiblebase.oauth2provider for OAuth2 authentication. While th...