Command Injection Vulnerability in Ansible Automation Platform's EDA Component
CVE-2025-49520

8.8HIGH

Key Information:

Vendor: Red Hat
Status: Red Hat Ansible Automation Platform 2
Vendor: CVE Published:; 30 June 2025

What is CVE-2025-49520?

A security flaw exists in Ansible Automation Platform's EDA component that arises from the improper handling of user-supplied Git URLs. This vulnerability enables an authenticated attacker to inject arbitrary arguments into the git ls-remote command, facilitating the execution of unauthorized commands on the EDA worker. In environments utilizing Kubernetes or OpenShift, this flaw could result in the theft of service account tokens and unauthorized access to the cluster.

References

https://access.redhat.com/security/cve/CVE-2025-49520

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2370812

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2025
Vulnerability Reserved
Jun 6, 2025

Red Hat

What is CVE-2025-49520?

References

CVSS V3.1

Timeline