Back to overview

CVE-2026-12382

HIGH
8.2
CVSS 3.1
Description
A flaw was found in the AAP Gateway Envoy proxy configuration. The non-mTLS route to EDA event streams does not remove the Subject HTTP header from client requests, despite the source code defining requestHeadersToRemove for this header. An unauthenticated remote attacker can inject a spoofed Subject header matching a legitimate client certificate DN to bypass mTLS authentication and inject arbitrary events into protected EDA event streams.

Metadata

CVE ID
CVE-2026-12382
State
PUBLISHED
Assigner
redhat
Reserved
2026-06-16 10:07 UTC
Published
2026-07-15 17:21 UTC
Last updated
2026-07-15 18:09 UTC
Primary CWE
CWE-290
Authentication Bypass by Spoofing
Vendor / Product
Red Hat / Red Hat Ansible Automation Platform 2
Sources
cve.org  ·  NVD

Severity & Metrics

8.2 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
partial
Affected products (2)
VendorProductPlatformVersions
Red Hat Red Hat Ansible Automation Platform 2
Red Hat Red Hat Ansible Automation Platform 2
Weakness (CWE)
CWESourceDescription
CWE-290 cna Authentication Bypass by Spoofing
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.2 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Back to overview