CVE-2025-53862

Summary

A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information.

Affected Software

VendorProductVersion RangeStatus

Weaknesses

  • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere

Workarounds

Currently, there is no mitigation available for this vulnerability.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References