Red Hat Ansible Automation Platform Improper Path Validation in Gateway Component Allows Credential Exfiltration

Vulnerability

A vulnerability exists in the Red Hat Ansible Automation Platform Gateway route creation component, specifically in versions 2.5 and 2.6. This flaw allows for credential theft by creating misleading routes with a double-slash prefix in the gateway_path. A malicious or socially engineered administrator could configure a honey-pot route to intercept and exfiltrate user credentials, potentially creating a backdoor for persistent access even after their permissions are revoked.

Impact

Exploitation of this vulnerability could lead to unauthorized interception and exfiltration of user credentials, allowing for unauthorized access to user accounts. Additionally, it could create a backdoor for persistent access after an administrator's permissions are revoked.

Reproduction

To reproduce this vulnerability, an administrator must create a route in the Ansible Automation Platform Gateway with a double-slash prefix in the gateway_path. This can be done by bypassing the validation that normally prevents such paths, effectively setting up a honey-pot route that captures user credentials.
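As an added defensive check, not code from Red Hat or the Ansible Automation Platform, the following validator rejects a gateway_path with a leading double slash (and the related empty-segment and dot-segment forms) and audits a constructed list of route definitions for entries that would have slipped past the weaker validation. The route record shape, the field name gateway_path and the sample paths are assumptions for illustration.

```python
import re

# Constructed sample route records (name + gateway_path); not from any real deployment.
SAMPLE_ROUTES = [
    {"name": "controller", "gateway_path": "/api/controller/"},
    {"name": "hub", "gateway_path": "/api/galaxy/"},
    {"name": "lookalike", "gateway_path": "//api/controller/"},   # double-slash prefix
    {"name": "nested", "gateway_path": "/api//controller/"},      # empty segment
    {"name": "traversal", "gateway_path": "/api/../controller/"}, # dot segment
]

# Conservative segment alphabet: unreserved URL characters only (assumed policy).
_SEGMENT = re.compile(r"[A-Za-z0-9_~-]+")


def validate_gateway_path(path: str) -> tuple[bool, str]:
    """Return (ok, reason). Accept only a single canonical absolute path:
    one leading slash, no empty segments, no '.'/'..' segments, and only
    characters from the allowed segment alphabet."""
    if not path.startswith("/"):
        return False, "path must be absolute"
    if path.startswith("//"):
        # A leading '//' is the misleading prefix described in the advisory:
        # it reads as a scheme-relative authority rather than a local path.
        return False, "leading double slash is not allowed"
    if "//" in path:
        return False, "empty path segment"
    segments = [] if path == "/" else path.strip("/").split("/")
    for seg in segments:
        if seg in (".", ".."):
            return False, "dot segments are not allowed"
        if not _SEGMENT.fullmatch(seg):
            return False, f"disallowed characters in segment {seg!r}"
    return True, "ok"


def audit_routes(routes: list[dict]) -> list[tuple[str, str]]:
    """Return (route name, reason) for every route whose gateway_path fails
    validation, so routes created before the fix can be reviewed."""
    findings = []
    for route in routes:
        ok, reason = validate_gateway_path(route["gateway_path"])
        if not ok:
            findings.append((route["name"], reason))
    return findings


if __name__ == "__main__":
    for name, reason in audit_routes(SAMPLE_ROUTES):
        print(f"{name}: {reason}")
```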

Remediation

Users can upgrade to the Red Hat Ansible Automation Platform 2.6 or 2.5 release that includes the fix. Instructions for applying this update are available in the Red Hat Ansible Automation Platform 2.6 and 2.5 release notes.

Added: Feb 27, 2026, 8:21 AM
Updated: Feb 27, 2026, 2:28 PM

Vulnerability Rating

Custom Algorithm

spread:         6.2
impact:         2.5
exploitability: 5.2
remediation:    7.7
relevance:      3.3
threat:         1.6
urgency:        2.9
incentive:      0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.