Red Hat Ansible Automation Platform 2.6 AAP Gateway Account Hijacking Vulnerability via Unverified Email Linking

Vulnerability

A vulnerability exists in the AAP gateway of Red Hat Ansible Automation Platform 2.6. The issue arises from the user auto-link strategy, which automatically connects an external Identity Provider (IDP) identity to an existing AAP user account based on email matching, without verifying email ownership. This flaw could allow a remote attacker to hijack a victim's account or gain unauthorized access to other accounts, including administrative ones, by manipulating the IDP-provided email.

Impact

Exploitation of this vulnerability could lead to account hijacking and unauthorized access, allowing attackers to access victims' accounts or administrative accounts.

Reproduction

To reproduce this vulnerability, an attacker must link an IDP identity to an AAP account by providing an email that matches an existing user's email. This can be done without verifying ownership of the email, allowing access to the linked account.
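The following is an added illustration, not code from Red Hat or the AAP gateway, of the linking decision the Vulnerability and Reproduction sections describe. It models a generic SSO callback that receives claims from an IdP and must choose a local account: `vulnerable_auto_link` binds on the email claim alone, while `hardened_auto_link` requires the IdP to be on an allow-list, to assert `email_verified`, and refuses privileged targets. The account names, the `AUTOLINK_TRUSTED_IDPS` knob and the claim values are constructed for the example and are not AAP settings.

```python
from dataclasses import dataclass, field


@dataclass
class LocalUser:
    username: str
    email: str
    is_superuser: bool = False
    # (idp_name, subject) pairs already bound to this account
    linked_identities: set = field(default_factory=set)


class AutoLinkRefused(Exception):
    """Raised when the gateway declines to bind an external identity."""


def make_users():
    """Constructed local directory for the example (hypothetical accounts)."""
    return {
        "admin": LocalUser("admin", "admin@example.test", is_superuser=True),
        "alice": LocalUser("alice", "alice@example.test"),
    }


def find_by_email(users, email):
    email = email.strip().lower()
    return next((u for u in users.values() if u.email.lower() == email), None)


def vulnerable_auto_link(users, idp, claims):
    """Weak strategy (the pattern the advisory describes): the IdP-supplied
    email is treated as proof of ownership, so the external identity is bound
    to whichever local account carries that address."""
    user = find_by_email(users, claims["email"])
    if user is None:
        raise AutoLinkRefused("no local account with that email")
    user.linked_identities.add((idp, claims["sub"]))
    return user


# Deployment-level allow-list of IdPs whose email assertions are trusted for
# automatic linking (assumed configuration knob for this example only).
AUTOLINK_TRUSTED_IDPS = {"corp-sso"}


def hardened_auto_link(users, idp, claims):
    """Hardened strategy: auto-link only when (1) the IdP is explicitly trusted
    to assert emails, (2) the IdP states the address is verified (the OIDC
    'email_verified' claim), and (3) the target account is unprivileged.
    Anything else is refused; the user must link interactively after
    authenticating with the existing local credentials."""
    if idp not in AUTOLINK_TRUSTED_IDPS:
        raise AutoLinkRefused(f"auto-link disabled for IdP {idp!r}")
    if claims.get("email_verified") is not True:
        raise AutoLinkRefused("IdP did not assert ownership of the email")
    user = find_by_email(users, claims["email"])
    if user is None:
        raise AutoLinkRefused("no local account with that email")
    if user.is_superuser:
        raise AutoLinkRefused("privileged accounts are never auto-linked")
    user.linked_identities.add((idp, claims["sub"]))
    return user


def demo():
    """Runs both strategies against a constructed identity whose email claim
    is self-asserted at the IdP (no email_verified flag) and reports whether
    each strategy bound it to the 'admin' account."""
    claims = {"sub": "external-user-9001", "email": "admin@example.test"}
    results = {}
    weak = make_users()
    results["vulnerable"] = vulnerable_auto_link(
        weak, "self-service-idp", claims).username
    strong = make_users()
    try:
        hardened_auto_link(strong, "self-service-idp", claims)
        results["hardened"] = "linked"
    except AutoLinkRefused as exc:
        results["hardened"] = f"refused: {exc}"
    return results


if __name__ == "__main__":
    print(demo())
```

The design point is that an email address in an IdP assertion is an identifier, not a credential: it proves ownership only when the IdP is one the deployment has chosen to trust for that purpose and the IdP itself says the address was verified. Even then, accounts that can administer the platform are better linked by an authenticated user action than by a background match, and a log line for every refused auto-link gives the SOC a cheap detection signal for linking attempts against privileged addresses.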

Remediation

Users can update to Red Hat Ansible Automation Platform 2.6 for RHEL 9 or RHEL 10, where this vulnerability has been fixed.

Added: May 4, 2026, 2:20 PM
Updated: May 4, 2026, 2:20 PM

Vulnerability Rating

Custom Algorithm

spread: 6.2
impact: 5.0
exploitability: 5.2
remediation: 7.7
relevance: 7.4
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.