CVE-2025-1801
Published: 03 March 2025
Description
Adversaries can steal application access tokens as a means of acquiring credentials to access remote systems and resources.
Security Summary
CVE-2025-1801 is a concurrency vulnerability in the Ansible Automation Platform (AAP) gateway, specifically within its gRPC service. The flaw arises from race conditions triggered by concurrent requests against the proxy, as published on 2025-03-03. It has a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N) and is associated with CWE-362 (Concurrent Execution using Shared Resource with Improper Synchronization).
A low-privileged user can exploit this issue remotely over the network with low complexity and no user interaction required. By sending concurrent requests, the attacker can obtain a JSON Web Token (JWT) belonging to a higher-privileged user, potentially compromising server integrity, user sessions, or confidential data.
Red Hat advisories provide mitigation details, including errata RHSA-2025:1954, the CVE security page at https://access.redhat.com/security/cve/CVE-2025-1801, and Bugzilla entry https://bugzilla.redhat.com/show_bug.cgi?id=2349081.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The race condition vulnerability enables low-privileged users to exploit concurrent requests in the gRPC proxy to steal higher-privileged JWT access tokens, directly mapping to exploitation for privilege escalation and credential access via stealing application access tokens.