CVE-2025-9907 Red Hat — Exploit & Vulnerability Details MEDIUM

Parameter	Value
CVSS	6.7 (MEDIUM)
Affected Versions	before 2.6
Fixed In	2.6
Type	CWE-200 (Information Exposure)
Vendor	Red Hat
Public PoC	No

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the test_headers field when an event stream is in test mode. The possible outcome includes leakage of internal infrastructure details, accidental disclosure of user or system credentials, privilege escalation if high-value tokens are exposed, and persistent sensitive data exposure to all users with read access on the event stream.

Attack Parameters

Attack Vector

Local

Requires local access

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-200 Information Exposure

Vulnerable Products 7

Configuration	From (including)	Up to (excluding)
Redhat Ansible_Automation_Platform cpe:2.3:a:redhat:ansible_automation_platform::::::::	—	`2.6`
Redhat Ansible_Developer cpe:2.3:a:redhat:ansible_developer:1.2:::::::*	—	—
Redhat Ansible_Developer cpe:2.3:a:redhat:ansible_developer:1.3:::::::*	—	—
Redhat Ansible_Inside cpe:2.3:a:redhat:ansible_inside:1.3:::::::*	—	—
Redhat Ansible_Inside cpe:2.3:a:redhat:ansible_inside:1.4:::::::*	—	—
Redhat Enterprise_Linux cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*	—	—
Redhat Enterprise_Linux cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*	—	—