Sensitive Data Exposure via test_headers in Red Hat Ansible EDA Event Stream API
CVE-2025-9907 Published on February 27, 2026
Event-driven-ansible: event stream test mode exposes sensitive headers in aap eda
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the test_headers field when an event stream is in test mode. The possible outcome includes leakage of internal infrastructure details, accidental disclosure of user or system credentials, privilege escalation if high-value tokens are exposed, and persistent sensitive data exposure to all users with read access on the event stream.
Vulnerability Analysis
CVE-2025-9907 can be exploited with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Timeline
Reported to Red Hat.
Made public. 14 days later.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2025-9907 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2025-9907
Want to know whenever a new CVE is published for Red Hat products? stack.watch will email you.
Affected Versions
Red Hat Ansible Automation Platform 2.5 for RHEL 8:- Version 0:3.1.1-1.el8ap and below * is unaffected.
- Version 0:25.12.0-1.el8ap and below * is unaffected.
- Version 0:25.12.2-1.1.el8ap and below * is unaffected.
- Version 0:25.12.0-1.el8ap and below * is unaffected.
- Version 0:25.12.0-1.el8ap and below * is unaffected.
- Version 0:25.12.0-1.el8ap and below * is unaffected.
- Version 0:0.1.4-1.el8ap and below * is unaffected.
- Version 0:1.1.14-1.el8ap and below * is unaffected.
- Version 0:4.10.10-1.el8ap and below * is unaffected.
- Version 0:2.13.0-1.el8ap and below * is unaffected.
- Version 0:25.12.0-1.el8ap and below * is unaffected.
- Version 0:25.12.0-1.el8ap and below * is unaffected.
- Version 0:0.4.0-1.el8ap and below * is unaffected.
- Version 0:4.2.26-1.el8ap and below * is unaffected.
- Version 0:2.1.2-1.el8ap and below * is unaffected.
- Version 0:0.4.36-2.el8ap and below * is unaffected.
- Version 0:4.10.10-1.el8ap and below * is unaffected.
- Version 0:23.0.0-1.el8ap and below * is unaffected.
- Version 0:1.6.0-1.el8ap and below * is unaffected.
- Version 0:9.0.1-1.el8ap and below * is unaffected.
- Version 0:25.12.0-1.el8ap and below * is unaffected.
- Version 0:3.8.0-1.el8ap and below * is unaffected.
- Version 0:0.2.15-1.el8ap and below * is unaffected.
- Version 0:0.4.2-1.el8ap and below * is unaffected.
- Version 0:25.12.0-1.2.el8ap and below * is unaffected.
- Version 0:4.15.0-1.el8ap and below * is unaffected.
- Version 0:3.1.1-1.el9ap and below * is unaffected.
- Version 0:25.12.0-1.el9ap and below * is unaffected.
- Version 0:25.12.2-1.1.el9ap and below * is unaffected.
- Version 0:25.12.0-1.el9ap and below * is unaffected.
- Version 0:25.12.0-1.el9ap and below * is unaffected.
- Version 0:25.12.0-1.el9ap and below * is unaffected.
- Version 0:0.1.4-1.el9ap and below * is unaffected.
- Version 0:1.1.14-1.el9ap and below * is unaffected.
- Version 0:4.10.10-1.el9ap and below * is unaffected.
- Version 0:2.13.0-1.el9ap and below * is unaffected.
- Version 0:25.12.0-1.el9ap and below * is unaffected.
- Version 0:25.12.0-1.el9ap and below * is unaffected.
- Version 0:0.4.0-1.el9ap and below * is unaffected.
- Version 0:4.2.26-1.el9ap and below * is unaffected.
- Version 0:2.1.2-1.el9ap and below * is unaffected.
- Version 0:0.4.36-2.el9ap and below * is unaffected.
- Version 0:4.10.10-1.el9ap and below * is unaffected.
- Version 0:23.0.0-1.el9ap and below * is unaffected.
- Version 0:1.6.0-1.el9ap and below * is unaffected.
- Version 0:9.0.1-1.el9ap and below * is unaffected.
- Version 0:25.12.0-1.el9ap and below * is unaffected.
- Version 0:3.8.0-1.el9ap and below * is unaffected.
- Version 0:0.2.15-1.el9ap and below * is unaffected.
- Version 0:0.4.2-1.el9ap and below * is unaffected.
- Version 0:25.12.0-1.2.el9ap and below * is unaffected.
- Version 0:4.15.0-1.el9ap and below * is unaffected.
- Version 0:1.2.1-1.el9ap and below * is unaffected.
- Version sha256:07673470fb62db8bec12ec20b2500228c0c6d5108916dd936d91e10610b783d1 and below * is unaffected.
- Version sha256:142125ce7f176ce4d9755f3124714bbfd8e10a687378988761d5451bd135ca76 and below * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.