{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T09:09:27.380","vulnerabilities":[{"cve":{"id":"CVE-2025-7738","sourceIdentifier":"secalert@redhat.com","published":"2025-07-31T14:15:35.177","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse."},{"lang":"es","value":"Se detectó una falla en Ansible Automation Platform (AAP) donde la API Gateway devuelve el secreto del cliente para ciertos autenticadores de GitHub Enterprise en texto sin cifrar. Esta vulnerabilidad afecta a administradores o auditores que acceden a las configuraciones del autenticador. Si bien el acceso está limitado a usuarios con privilegios, la exposición en texto sin cifrar de credenciales confidenciales aumenta el riesgo de filtraciones accidentales o uso indebido."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:12772","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-7738","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2381589","source":"secalert@redhat.com"},{"url":"https://github.com/ansible/django-ansible-base/commit/e241ea4dce8df577eda15301e0a8e61be647b27b","source":"secalert@redhat.com"},{"url":"https://github.com/ansible/django-ansible-base/pull/773","source":"secalert@redhat.com"}]}}]}