Horizon Alert
Summary of the vulnerability and why it matters
A vulnerability in the Event-Driven Ansible websocket API allows authenticated users to access sensitive credentials, such as OAuth tokens, vault passwords, and SSH keys. This issue stems from the API's failure to properly verify user permissions, potentially exposing critical security information to unauthorized individuals. The main concern is confirming relevance and exposure within your environment.
- Unauthenticated access to critical credentials.
- Potential for significant data exposure and misuse.
- Confirm relevance and assess exposure to sensitive data.
Attack Path
How an attacker could exploit the issue
An attacker with authenticated access to the Event-Driven Ansible websocket API can exploit a missing authorization check. By sending a specially crafted message to the `/api/eda/ws/ansible-rulebook` endpoint, an attacker can trick the system into revealing sensitive credentials associated with any activation ID. This could lead to unauthorized access to resources protected by OAuth tokens, vault passwords, or SSH keys.
- Authenticated user is required.
- Worker messages are processed without permission checks.
- Sensitive credentials may be exposed.
Live Threat
Current exploitation, exposure, and threat context
An authenticated user could potentially access plaintext credentials, such as OAuth tokens, vault passwords, and SSH keys, by sending a forged message to the Event-Driven Ansible websocket API. This is possible when the API's /api/eda/ws/ansible-rulebook endpoint processes Worker messages without properly verifying user permissions.
- Plaintext credentials could be exposed.
- Forged messages bypass permission checks.
- Compromised credentials could grant unauthorized access.
Operational Fix
Recommended remediation, mitigation, and detection steps
Application owners and platform teams are most likely responsible for addressing this vulnerability in the Event-Driven Ansible (EDA) websocket API. The first practical step is to identify all EDA instances, confirm their network exposure, and determine which are business-critical to prioritize remediation efforts.
- Application and platform teams own resolution.
- Verify EDA instance exposure and criticality.
- Plan remediation based on identified risk.