A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a honey-pot route to intercept and exfiltrate user credentials, potentially maintaining persistent access or creating a backdoor even after their permissions are revoked.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Redhat
  • Ansible Automation Platform
  • Ansible Automation Platform Developer
  • Ansible Automation Platform Inside

No data.

No data.

No data.

References
Link Providers
https://access.redhat.com/errata/RHSA-2025:21768 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:21775 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:23069 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:23131 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2025-9909 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2392836 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-9909 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-9909 cve-icon
History

Fri, 27 Feb 2026 08:00:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE. A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a honey-pot route to intercept and exfiltrate user credentials, potentially maintaining persistent access or creating a backdoor even after their permissions are revoked.
Title aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration Aap-gateway: improper path validation in gateway allows credential exfiltration
First Time appeared Redhat
Redhat ansible Automation Platform
Redhat ansible Automation Platform Developer
Redhat ansible Automation Platform Inside
CPEs cpe:/a:redhat:ansible_automation_platform:2.5::el8
cpe:/a:redhat:ansible_automation_platform:2.5::el9
cpe:/a:redhat:ansible_automation_platform:2.6::el9
cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9
cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9
Vendors & Products Redhat
Redhat ansible Automation Platform
Redhat ansible Automation Platform Developer
Redhat ansible Automation Platform Inside
References

Fri, 19 Sep 2025 00:15:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE.
Title aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration
Weaknesses CWE-647
References
Metrics threat_severity

None

 cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-02-27T07:30:00.885Z

Reserved: 2025-09-03T07:57:09.461Z

Link: CVE-2025-9909

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-02-27T08:17:08.510

Modified: 2026-02-27T08:17:08.510

Link: CVE-2025-9909

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-09-17T23:59:00Z

Links: CVE-2025-9909 - Bugzilla

cve-icon OpenCVE Enrichment

No data.