Severity by source
AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Primary rating from Vendor (redhat).
CVSS VectorVendor: redhat
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directive does not sanitize file paths, allowing an attacker to craft a malicious YAML file that reads arbitrary YAML-formatted files from the local filesystem when a user imports it using "awx --conf.format yaml import". This is a client-side vulnerability requiring user interaction.
AnalysisAI
Path traversal in awxkit's YAML !include directive exposes arbitrary local files when a user imports a crafted YAML file via the AWX CLI. Affecting Red Hat Ansible Automation Platform 2, the vulnerability (CWE-22) allows an unauthenticated attacker who can deliver a malicious YAML file to a victim to read arbitrary YAML-formatted files from that user's local filesystem - including potentially sensitive configuration, credential, or key material files - without any write or execution capability. No public exploit identified at time of analysis; CVSS 4.7 reflects the real-world constraints of local attack vector, high complexity, and mandatory user interaction.
Technical ContextAI
awxkit is the Python-based CLI tool bundled with AWX and Red Hat Ansible Automation Platform 2 (CPE: cpe:2.3:a:red_hat:red_hat_ansible_automation_platform_2). It uses a custom YAML !include directive to allow configuration composition at import time. The root cause (CWE-22 - Improper Limitation of a Pathname to a Restricted Directory) is the absence of path canonicalization or allowlist validation on the argument passed to !include before it is resolved against the local filesystem. When the CLI processes awx --conf.format yaml import, it parses the YAML and blindly follows any !include path, including those containing sequences such as ../../ that traverse outside the intended directory. The attack surface is entirely client-side: the parsing happens in the context of the user executing the CLI, not on a server, which is why CVSS reflects a local (AV:L) attack vector.
RemediationAI
No explicit patched version is identified in currently available data - the advisory references (https://access.redhat.com/security/cve/CVE-2026-52902 and https://bugzilla.redhat.com/show_bug.cgi?id=2486729) should be monitored for an official fix release from Red Hat. Until a patch is available, the primary compensating control is operational: do not run awx --conf.format yaml import against YAML files obtained from untrusted sources, shared repositories, or external parties. If awxkit usage requires importing external configs, inspect YAML files manually for !include directives before importing - specifically checking for path traversal sequences (../) in any !include arguments. Organizations should enforce a policy that AWX YAML imports only occur from files generated internally or cryptographically verified. Note that these controls depend on user discipline and are not enforcement-layer mitigations; they do not eliminate the underlying flaw.
Credential disclosure in Red Hat Ansible Automation Platform 2.5 and 2.6 allows any authenticated user to retrieve plain
mTLS authentication bypass in the Red Hat Ansible Automation Platform (AAP) Gateway Envoy proxy allows unauthenticated r
Remote code execution in galaxy_ng's legacy role import API (v1) allows an authenticated user controlling a git reposito
Container privilege escalation in Red Hat Ansible Automation Platform 2 allows non-root users within affected container
Server-Side Request Forgery in AWX's GitHub webhook integration (Red Hat Ansible Automation Platform 2) enables a remote
Insufficient OAuth token invalidation in Ansible Lightspeed (part of Red Hat Ansible Automation Platform 2.x) allows a r
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35389
GHSA-g29c-rgq6-gxgj