Insecure WebSocket Connection in Ansible Rulebook EDA Server Exposes System Data
CVE-2024-1657

8.1HIGH

Key Information:

Vendor
Red Hat
Status
Red Hat Ansible Automation Platform 2.4 For Rhel 8
Red Hat Ansible Automation Platform 2.4 For Rhel 9
Vendor
CVE Published:
25 April 2024

Summary

A vulnerability has been identified in the Ansible Automation Platform where an insecure WebSocket connection is utilized during the installation process from the Ansible rulebook EDA server. This security flaw allows an attacker with access to any machine within the same CIDR block to exploit the WebSocket, potentially leading to unauthorized downloading of all rulebook data. As a result, this vulnerability poses significant risks to the confidentiality and integrity of the system, enabling sensitive data exposures and unauthorized access to critical automation resources. Organizations using Ansible Automation Platform are advised to take immediate action to secure their WebSocket configurations and mitigate potential risks.

Affected Version(s)

Red Hat Ansible Automation Platform 2.4 for RHEL 8 0:2.4-6.el8ap

Red Hat Ansible Automation Platform 2.4 for RHEL 8 0:1.0.5-1.el8ap

Red Hat Ansible Automation Platform 2.4 for RHEL 8 0:1.0.5-1.el8ap

References

https://access.redhat.com/errata/RHSA-2024:1057
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-1657
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2265085
issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

Collectors

NVD DatabaseMitre Database
.