Authentication Bypass Vulnerability in AAP Gateway Envoy Proxy by Red Hat
CVE-2026-12382

8.2HIGH

Key Information:

Vendor

Red Hat

Vendor
CVE Published:
15 July 2026

What is CVE-2026-12382?

A flaw in the configuration of the AAP Gateway Envoy proxy has been identified, where the non-mTLS route to EDA event streams fails to eliminate the Subject HTTP header from client requests. Although the source code specifies requestHeadersToRemove for this header, it is not processed correctly. This oversight allows an unauthenticated remote attacker to inject a spoofed Subject header that can match a legitimate client certificate Distinguished Name (DN), thus bypassing mTLS authentication. Consequently, this enables the attacker to inject arbitrary events into the protected EDA event streams, posing a severe security risk.

References

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

This issue was discovered by Chris Meyers (Red Hat).
.