diff --git a/sos-RHEL-13701-aap-passwords.patch b/sos-RHEL-13701-aap-passwords.patch
new file mode 100644
index 0000000..f744a64
--- /dev/null
+++ b/sos-RHEL-13701-aap-passwords.patch
@@ -0,0 +1,41 @@
+From c6ab24eb8e2bf02c75d0ffa8447032543eb4ea43 Mon Sep 17 00:00:00 2001
+From: "Dr. Jason Breitweg" <jason@breitweg.com>
+Date: Tue, 10 Oct 2023 09:50:29 +0200
+Subject: [PATCH] Fix dynaconf obfuscation and add AUTH_LDAP_BIND_PASSWORD
+
+Signed-off-by: Dr. Jason Breitweg <jason@breitweg.com>
+
+Fixed style issues
+Signed-off-by: Jason Breitweg jbreitwe@redhat.com
+
+Signed-off-by: Dr. Jason Breitweg <jason@breitweg.com>
+
+Fixed yet more linting errors
+Signed-off-by: Jason Breitweg jbreitwe@redhat.com
+
+Signed-off-by: Dr. Jason Breitweg <jason@breitweg.com>
+---
+ sos/report/plugins/pulp.py | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/sos/report/plugins/pulp.py b/sos/report/plugins/pulp.py
+index df007168a..f5c762f48 100644
+--- a/sos/report/plugins/pulp.py
++++ b/sos/report/plugins/pulp.py
+@@ -170,10 +170,13 @@ def postproc(self):
+         repl = r"\1********"
+         self.do_path_regex_sub("/etc/pulp(.*)(.json$)", jreg, repl)
+ 
+-        # obfuscate SECRET_KEY = .. and 'PASSWORD': .. in dynaconf list output
+-        # and also in settings.py
++        # obfuscate SECRET_KEY = .., 'PASSWORD': ..,
++        # and AUTH_LDAP_BIND_PASSWORD = ..
++        # in dynaconf list output and also in settings.py
+         # count with option that PASSWORD is with(out) quotes or in capitals
+-        key_pass_re = r"(SECRET_KEY\s*=|(password|PASSWORD)(\"|'|:)+)\s*(\S*)"
++        key_pass_re = r"((?:SECRET_KEY|AUTH_LDAP_BIND_PASSWORD)" \
++                      r"(?:\<.+\>)?(\s*=)?|(password|PASSWORD)" \
++                      r"(\"|'|:)+)\s*(\S*)"
+         repl = r"\1 ********"
+         self.do_path_regex_sub("/etc/pulp/settings.py", key_pass_re, repl)
+         self.do_cmd_output_sub("dynaconf list", key_pass_re, repl)
diff --git a/sos.spec b/sos.spec
index d14d840..eb0a23e 100644
--- a/sos.spec
+++ b/sos.spec
@@ -5,7 +5,7 @@
 Summary: A set of tools to gather troubleshooting information from a system
 Name: sos
 Version: 4.6.0
-Release: 3%{?dist}
+Release: 4%{?dist}
 Group: Applications/System
 Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
 Source1: sos-audit-%{auditversion}.tgz
@@ -24,6 +24,7 @@ Conflicts: vdsm < 4.40
 Obsoletes: sos-collector <= 1.9
 Patch1: sos-SUPDEV145-ovnkube-logs.patch
 Patch2: sos-SUPDEV148-microshift-greenboot.patch
+Patch3: sos-RHEL-13701-aap-passwords.patch
 
 %description
 Sos is a set of tools that gathers information about system
@@ -36,6 +37,7 @@ support technicians and developers.
 %setup -T -D -a1 -q
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
 %py3_build
@@ -108,6 +110,10 @@ of the system.  Currently storage and filesystem commands are audited.
 
 
 %changelog
+* Tue Oct 17 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-4
+- [pulp] Fix dynaconf obfuscation and add AUTH_LDAP_BIND_PASSWORD
+  Resolves: RHEL-13701
+
 * Thu Oct 12 2023 Pavel Moravec <pmoravec@redhat.com> = 4.6.0-3
 - [greenboot] seperate logs to a standalone plugin; enhance [microshift]
   Resolves: SUPDEV148