Detections
Analytics

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update (Moderate) (RHSA-2025:14686)

high Nessus Plugin ID 259939

Language:

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14686 advisory.

 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

 Security Fix(es):

 * automation-controller: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)

 * python3.11-django: Django Path Injection Vulnerability (CVE-2025-48432)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

 Updates and fixes included:

 Automation platform
 * Enhanced Support for Streaming Chat Responses (AAP-51756)
 * Improved LDAP filter parsing/handling (AAP-51591)
 * Updated AAP to allow for HTTP headers to be passed through envoy when HTTPS is offloaded by another device in front of envoy (AAP-51347)
 * Updated the OpenAPI spec to now reflect all available query parameters (AAP-49824)
 * Added a new field on AzureAD authenticator called 'Field to use as username' which allows use of an arbitrary field from the assertion as the username (AAP-49481)
 * Fixed migration scenarios that left legacy users in a partly migrated state to now migrate properly to gateway (AAP-43251)
 * Removed the required label from the Organization field for Galaxy credentials in the controller Credential Create and Edit forms (AAP-51587)
 * Fixed the 'LOGIN_REDIRECT_OVERRIDE' to be respected (AAP-49726)
 * Fixed a breadcrumb in a launch template to no longer send users to the wrong URL (AAP-44194)
 * Fixed the subscription entitlement window to no longer display again after AAP has been entitled when running in a load-balanced environment with multiple controller web pods (AAP-43883)
 * Updated the AAP User Interface to allow all users to see the Notifiers tab (AAP-41342)
 * Added the limit field on the job details page (AAP-36118)
 * automation-gateway has been updated to 2.5.20250827
 * python3.11-django-ansible-base has been updated to 2.5.20250827

 Automation controller
 * Galaxy credentials can now be created and edited without the need to specify an organization (AAP-51614)
 * Fixed the subscription functionality to no longer attach before subscription credentials have been set, and to return a '400 Bad Request' error instead (AAP-50322)
 * automation-controller has been updated to 4.6.19

 Event-Driven Ansible
 * Fixed project import state to no longer be stuck at pending or running (AAP-51643)
 * Fixed EDA to allow '%20' in the project git URL (AAP-51642)
 * Fixed 'MQ_TLS' to accept a boolean value (AAP-51012)
 * Fixed missing RPM dependency for PostgreSQL client which resulted in container images missing psql binaries (AAP-50941)
 * Fixed a bug to no longer prevent a user who belonged to a team with an EDA organization Project Admin role to be able see the organization (AAP-50921)
 * automation-eda-controller has been updated to 1.1.13

 Container-based Ansible Automation Platform
 * Implemented PostgreSQL extra settings parameter on the installer (AAP-51533)
 * Fixed the Redis hostname to no longer fail to be set in a disconnected environment (AAP-51532)
 * Updated preflight checks to temporarily check PostgreSQL version to use a CA bundle from the VM server with the custom cert appended, if provided (AAP-50884)
 * Fixed PCP data permissions by migrating the data to a podman volume instead of a bind mount (AAP-50807)
 * Fixed a parameter to allow excluding subdirs during the Automation Hub backup process (AAP-50784)
 * Added an exclusion parameter for Containerized Backup, allowing users to specify snapshot paths to be excluded from the backup process (AAP-46767)
 * containerized installer setup has been updated to 2.5-18

 RPM-based Ansible Automation Platform
 * Added 'postgres_extra_settings' for postgresql.conf customization for managed database installations (AAP-51462)
 * Fixed automation controller nodes so they are removed from the gateway registry when set to a deprovision state (AAP-51461)
 * Fixed the installer to no longer fail when disabling HTTPS for gateway and/or gateway proxy (envoy) (AAP-48606)
 * ansible-automation-platform-installer and installer setup have been updated to 2.5-17

 Additional changes:
 * automation-hub has been updated to 4.10.7
 * python3.11-django has been updated to 4.2.23
 * python3.11-galaxy-ng has been updated to 4.10.7

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/updates/classification/#moderate

https://bugzilla.redhat.com/show_bug.cgi?id=2366982

https://bugzilla.redhat.com/show_bug.cgi?id=2370365

http://www.nessus.org/u?766294da

https://access.redhat.com/errata/RHSA-2025:14686

Plugin Details

Severity: High

ID: 259939

File Name: redhat-RHSA-2025-14686.nasl

Version: 1.1

Type: local

Agent: unix

Published: 8/31/2025

Updated: 8/31/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-47273

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 8.7

Threat Score: 7.7

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:automation-controller-ui, p-cpe:/a:redhat:enterprise_linux:python3.11-django, p-cpe:/a:redhat:enterprise_linux:automation-controller, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:automation-controller-server, cpe:/o:redhat:enterprise_linux:9, p-cpe:/a:redhat:enterprise_linux:automation-controller-venv-tower, p-cpe:/a:redhat:enterprise_linux:automation-controller-cli

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/26/2025

Vulnerability Publication Date: 5/17/2025

Reference Information

CVE: CVE-2025-47273, CVE-2025-48432

CWE: 117, 22

RHSA: 2025:14686