Container Privilege Escalation in Ansible Automation Platform
CVE-2025-57847

6.4 MEDIUM

Key Information:

Vendor: Red Hat
CVE Published: 8 April 2026

What is CVE-2025-57847?

CVE-2025-57847 is a container privilege escalation flaw in the Ansible Automation Platform, caused by improper permissions being set on the /etc/passwd file during the image build process. An attacker who can execute commands in a vulnerable container, even as a non-root user, can modify the /etc/passwd file if that user is a member of the root group. The attacker could then add a new user with any user ID, potentially gaining root privileges within the container environment. Organizations are advised to review their deployment configurations and apply the necessary updates to mitigate possible exploitation.
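The following audit check is an added example, not code from Red Hat or from the original page. It reports whether /etc/passwd under a given root filesystem is writable by a non-root identity. The function names, the constructed test filesystem and the assumption that the improper permission is a write bit reachable through group membership are all illustrative.

```python
import os
import stat
import tempfile


def can_write(st, uid, gids):
    """Classic Unix permission check (ignores ACLs and capabilities)."""
    if uid == 0:
        return True
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def audit_passwd(rootfs="/", uid=None, gids=None):
    """Return findings for <rootfs>/etc/passwd as seen by the given identity."""
    uid = os.getuid() if uid is None else uid
    gids = {os.getgid(), *os.getgroups()} if gids is None else set(gids)
    path = os.path.join(rootfs, "etc/passwd")
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    findings = []
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{path}: mode {mode:04o} grants group/other write")
    if uid != 0 and can_write(st, uid, gids):
        findings.append(f"{path}: writable by non-root uid {uid} "
                        f"(file owner {st.st_uid}:{st.st_gid})")
    return findings


def demo():
    """Audit a constructed rootfs with a weak mode, then a corrected one."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "etc"))
        path = os.path.join(root, "etc/passwd")
        with open(path, "w") as fh:
            fh.write("root:x:0:0:root:/root:/bin/bash\n")  # constructed sample
        st = os.stat(path)
        # Constructed identity: not the owner, but in the file's group,
        # standing in for a non-root user that belongs to the root group.
        who = {"uid": st.st_uid + 1, "gids": {st.st_gid}}
        os.chmod(path, 0o664)
        weak = audit_passwd(root, **who)
        os.chmod(path, 0o644)  # conventional mode, assumed as the corrected setting
        fixed = audit_passwd(root, **who)
    return weak, fixed


if __name__ == "__main__":
    for finding in audit_passwd("/"):
        print(finding)
```

Run inside a container, it audits the live /etc/passwd against the current user; pointed at an unpacked image root filesystem, it can be used as a build-time check.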

CVSS V3.1

Score: 6.4
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank Antony Di Scala and Mike Whale for reporting this issue.