CVE-2026-11807

Publié : 23 juin 2026

Modifié : 24 juin 2026

Score CVSS

9.6

CRITICAL

Description détaillée

A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activation_id to receive plaintext credentials associated with that activation, including OAuth tokens, vault passwords, and SSH keys.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Références et Patchs

https://access.redhat.com/errata/RHSA-2026:28376 https://access.redhat.com/errata/RHSA-2026:28377 https://access.redhat.com/errata/RHSA-2026:28492 https://access.redhat.com/errata/RHSA-2026:28497 https://access.redhat.com/security/cve/CVE-2026-11807 https://bugzilla.redhat.com/show_bug.cgi?id=2487036

Dernières Vulnérabilités

CVE-2026-9155

OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation.

VOIR DÉTAILS

CVE-2026-9154

Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.

VOIR DÉTAILS

CVE-2026-9153

Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.

VOIR DÉTAILS