A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system.
Weakness
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Ansible Automation Platform 2.4 for RHEL 8 | RedHat | ansible-automation-platform-installer-0:2.4-6.el8ap | * |
| Red Hat Ansible Automation Platform 2.4 for RHEL 8 | RedHat | ansible-rulebook-0:1.0.5-1.el8ap | * |
| Red Hat Ansible Automation Platform 2.4 for RHEL 8 | RedHat | automation-eda-controller-0:1.0.5-1.el8ap | * |
| Red Hat Ansible Automation Platform 2.4 for RHEL 9 | RedHat | ansible-automation-platform-installer-0:2.4-6.el9ap | * |
| Red Hat Ansible Automation Platform 2.4 for RHEL 9 | RedHat | ansible-rulebook-0:1.0.5-1.el9ap | * |
| Red Hat Ansible Automation Platform 2.4 for RHEL 9 | RedHat | automation-eda-controller-0:1.0.5-1.el9ap | * |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/102.html
- https://cwe.mitre.org/data/definitions/117.html
- https://cwe.mitre.org/data/definitions/383.html
- https://cwe.mitre.org/data/definitions/477.html
- https://cwe.mitre.org/data/definitions/65.html
References
- https://access.redhat.com/errata/RHSA-2024:1057
- https://access.redhat.com/security/cve/CVE-2024-1657
- https://bugzilla.redhat.com/show_bug.cgi?id=2265085
- https://access.redhat.com/errata/RHSA-2024:1057
- https://access.redhat.com/security/cve/CVE-2024-1657
- https://bugzilla.redhat.com/show_bug.cgi?id=2265085