CVE-2024-1657

Platform: insecure websocket used when interacting with eda server

Description

A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system.

References

Link	Tags
https://access.redhat.com/errata/RHSA-2024:1057	vendor advisory
https://access.redhat.com/security/cve/CVE-2024-1657	vdb entry
https://bugzilla.redhat.com/show_bug.cgi?id=2265085	issue tracking

Frequently Asked Questions

What is the severity of CVE-2024-1657?: CVE-2024-1657 has been scored as a high severity vulnerability.
How to fix CVE-2024-1657?: To fix CVE-2024-1657, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-1657 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-1657 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-1657?: CVE-2024-1657 affects Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8, Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8, Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8, Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 9, Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 9, Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 9.

Description

Category

CWE-1385 – Missing Origin Validation in WebSockets

References

Frequently Asked Questions