Search

Find a vulnerability

Search criteria

    28 vulnerabilities found for Red Hat Satellite 6.16 for RHEL 9 by Red Hat

    CVE-2026-5142 (GCVE-0-2026-5142)

    Vulnerability from nvd – Published: 2026-07-01 14:07 – Updated: 2026-07-01 23:53
    VLAI
    Title
    Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass
    Summary
    A flaw was found in foreman. Authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them to download private SSH (Secure Shell) keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments, potentially compromising sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-5142 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2452999 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9 Unaffected: 0:3.18.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2026-04-30 12:34
    Credits
    Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5142",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T15:01:12.115967Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T15:01:19.821Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.19::el9",
                "cpe:/a:redhat:satellite_capsule:6.19::el9",
                "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                "cpe:/a:redhat:satellite_utils:6.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.19 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.18.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-capsule:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue."
            }
          ],
          "datePublic": "2026-04-30T12:34:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in foreman. Authenticated users with \u0027view_keypairs\u0027 permission can bypass taxonomy scoping, allowing them to download private SSH (Secure Shell) keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments, potentially compromising sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T23:53:16.614Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:34365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34365"
            },
            {
              "name": "RHSA-2026:34366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34366"
            },
            {
              "name": "RHSA-2026:34367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34367"
            },
            {
              "name": "RHSA-2026:34368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34368"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-5142"
            },
            {
              "name": "RHBZ#2452999",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452999"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-30T12:04:45.283Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-30T12:34:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-639: Authorization Bypass Through User-Controlled Key"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-5142",
        "datePublished": "2026-07-01T14:07:55.662Z",
        "dateReserved": "2026-03-30T12:08:56.764Z",
        "dateUpdated": "2026-07-01T23:53:16.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5138 (GCVE-0-2026-5138)

    Vulnerability from nvd – Published: 2026-07-01 14:08 – Updated: 2026-07-01 23:53
    VLAI
    Title
    Foreman: foreman: information disclosure via improper validation of nested request parameters
    Summary
    A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-tenant information disclosure vulnerability. This flaw occurs because the taxonomy_scope controller method does not properly validate organization and location IDs from nested request parameters, bypassing existing authorization checks. This allows the user to leak sensitive infrastructure metadata, including subnet topology, IP ranges, gateways, DNS servers, and VLAN IDs, from organizations and locations they are not authorized to access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-5138 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2452971 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9 Unaffected: 0:3.18.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2026-07-01 12:29
    Credits
    Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T14:39:42.711601Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T14:39:49.816Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.19::el9",
                "cpe:/a:redhat:satellite_capsule:6.19::el9",
                "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                "cpe:/a:redhat:satellite_utils:6.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.19 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.18.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-capsule:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue."
            }
          ],
          "datePublic": "2026-07-01T12:29:33.423Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-tenant information disclosure vulnerability. This flaw occurs because the taxonomy_scope controller method does not properly validate organization and location IDs from nested request parameters, bypassing existing authorization checks. This allows the user to leak sensitive infrastructure metadata, including subnet topology, IP ranges, gateways, DNS servers, and VLAN IDs, from organizations and locations they are not authorized to access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T23:53:14.772Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:34365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34365"
            },
            {
              "name": "RHSA-2026:34366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34366"
            },
            {
              "name": "RHSA-2026:34367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34367"
            },
            {
              "name": "RHSA-2026:34368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34368"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-5138"
            },
            {
              "name": "RHBZ#2452971",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452971"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-30T10:51:04.461Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-07-01T12:29:33.423Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: foreman: information disclosure via improper validation of nested request parameters",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-639: Authorization Bypass Through User-Controlled Key"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-5138",
        "datePublished": "2026-07-01T14:08:43.978Z",
        "dateReserved": "2026-03-30T10:53:25.776Z",
        "dateUpdated": "2026-07-01T23:53:14.772Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5135 (GCVE-0-2026-5135)

    Vulnerability from nvd – Published: 2026-07-01 14:08 – Updated: 2026-07-01 23:53
    VLAI
    Title
    Foreman: foreman: unauthorized modification of host configurations via broken access control
    Summary
    A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing authorisation checks. The consequence is the potential for unauthorised modification of managed host configurations across different organisational and location boundaries.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-5135 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2452230 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9 Unaffected: 0:3.18.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2026-04-15 12:34
    Credits
    Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5135",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T14:52:27.488776Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T14:54:21.883Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.19::el9",
                "cpe:/a:redhat:satellite_capsule:6.19::el9",
                "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                "cpe:/a:redhat:satellite_utils:6.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.19 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.18.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-capsule:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue."
            }
          ],
          "datePublic": "2026-04-15T12:34:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing authorisation checks. The consequence is the potential for unauthorised modification of managed host configurations across different organisational and location boundaries."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T23:53:14.087Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:34365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34365"
            },
            {
              "name": "RHSA-2026:34366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34366"
            },
            {
              "name": "RHSA-2026:34367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34367"
            },
            {
              "name": "RHSA-2026:34368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34368"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-5135"
            },
            {
              "name": "RHBZ#2452230",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452230"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-27T13:22:30.704Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-15T12:34:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: foreman: unauthorized modification of host configurations via broken access control",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-639: Authorization Bypass Through User-Controlled Key"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-5135",
        "datePublished": "2026-07-01T14:08:39.712Z",
        "dateReserved": "2026-03-30T10:42:55.307Z",
        "dateUpdated": "2026-07-01T23:53:14.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5136 (GCVE-0-2026-5136)

    Vulnerability from nvd – Published: 2026-07-01 13:28 – Updated: 2026-07-02 03:56
    VLAI
    Title
    Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation
    Summary
    A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. Successful exploitation of this vulnerability leads to full privilege escalation, granting the attacker administrator-level access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-5136 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2452970 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9 Unaffected: 0:3.18.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2026-07-01 12:28
    Credits
    Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5136",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T03:56:14.203Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.19::el9",
                "cpe:/a:redhat:satellite_capsule:6.19::el9",
                "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                "cpe:/a:redhat:satellite_utils:6.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.19 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.18.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-capsule:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue."
            }
          ],
          "datePublic": "2026-07-01T12:28:21.744Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user\u0027s permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. Successful exploitation of this vulnerability leads to full privilege escalation, granting the attacker administrator-level access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T23:37:57.480Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:34365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34365"
            },
            {
              "name": "RHSA-2026:34366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34366"
            },
            {
              "name": "RHSA-2026:34367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34367"
            },
            {
              "name": "RHSA-2026:34368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34368"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-5136"
            },
            {
              "name": "RHBZ#2452970",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452970"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-30T10:41:48.559Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-07-01T12:28:21.744Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-5136",
        "datePublished": "2026-07-01T13:28:00.316Z",
        "dateReserved": "2026-03-30T10:47:46.043Z",
        "dateUpdated": "2026-07-02T03:56:14.203Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1961 (GCVE-0-2026-1961)

    Vulnerability from nvd – Published: 2026-03-26 12:53 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Forman: foreman: remote code execution via command injection in websocket proxy
    Summary
    A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.14-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.12-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8     cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9     cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9     cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9     cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Date Public
    2026-03-26 12:30
    Credits
    Red Hat would like to thank Houssam Sahli for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1961",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-26T13:11:15.689121Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-26T13:11:42.162Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-03-27T16:18:13.602Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/03/27/3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el8",
                  "cpe:/a:redhat:satellite_capsule:6.16::el8",
                  "cpe:/a:redhat:satellite_utils:6.16::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el9",
                  "cpe:/a:redhat:satellite_capsule:6.16::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                  "cpe:/a:redhat:satellite_utils:6.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.17::el9",
                  "cpe:/a:redhat:satellite_capsule:6.17::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                  "cpe:/a:redhat:satellite_utils:6.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.17 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.18::el9",
                  "cpe:/a:redhat:satellite_capsule:6.18::el9",
                  "cpe:/a:redhat:satellite_utils:6.18::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.18 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-26T12:30:45.446Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman\u0027s WebSocket proxy implementation. This vulnerability arises from the system\u0027s use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:04.779Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1961"
              },
              {
                "name": "RHBZ#2437036",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437036"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1961.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5971"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5970"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5968"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:5971: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5970: Red Hat Satellite 6.17 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5968: Red Hat Satellite 6.18 for RHEL 9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-02-05T10:40:57.141Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-26T12:30:45.446Z",
                "value": "Made public."
              }
            ],
            "title": "forman: Foreman: Remote Code Execution via command injection in WebSocket proxy",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.14-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.12-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-utils:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Houssam Sahli for reporting this issue."
            }
          ],
          "datePublic": "2026-03-26T12:30:45.446Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman\u0027s WebSocket proxy implementation. This vulnerability arises from the system\u0027s use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T04:12:46.774Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:5968",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5968"
            },
            {
              "name": "RHSA-2026:5970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5970"
            },
            {
              "name": "RHSA-2026:5971",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5971"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-1961"
            },
            {
              "name": "RHBZ#2437036",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437036"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-05T10:40:57.141Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-03-26T12:30:45.446Z",
              "value": "Made public."
            }
          ],
          "title": "Forman: foreman: remote code execution via command injection in websocket proxy",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-1961",
        "datePublished": "2026-03-26T12:53:09.566Z",
        "dateReserved": "2026-02-05T10:43:18.671Z",
        "dateUpdated": "2026-06-30T12:07:04.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10990 (GCVE-0-2025-10990)

    Vulnerability from nvd – Published: 2026-02-27 13:32 – Updated: 2026-06-25 23:53
    VLAI
    Title
    Rexml: rexml: denial of service via inefficient regex parsing
    Summary
    A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS), impacting the availability of the affected component. This issue is the result of an incomplete fix for CVE-2024-49761.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1333 - Inefficient Regular Expression Complexity
    Assigner
    Impacted products
    Vendor Product Version
    Unaffected: 6.17.5
    Unaffected: 6.16.5.4
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:8.8.1-3.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:8.8.1-3.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:8.8.1-3.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Satellite Client 6 for RHEL 8 Unaffected: 0:7.34.0-4.el8sat , < * (rpm)
        cpe:/a:redhat:rhel_satellite_client:6::el8
        cpe:/a:redhat:rhel_satellite_client:6::el9
    Create a notification for this product.
    Red Hat Satellite Client 6 for RHEL 9 Unaffected: 0:7.34.0-4.el9sat , < * (rpm)
        cpe:/a:redhat:rhel_satellite_client:6::el8
        cpe:/a:redhat:rhel_satellite_client:6::el9
    Create a notification for this product.
    Date Public
    2025-09-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10990",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T18:43:48.686335Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-27T18:43:57.501Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.redhat.com/en/technologies/management/satellite",
              "defaultStatus": "unaffected",
              "packageName": "Red Hat Satellite",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "6.17.5"
                },
                {
                  "status": "unaffected",
                  "version": "6.16.5.4"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_satellite_client:6::el8",
                "cpe:/a:redhat:rhel_satellite_client:6::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Satellite Client 6 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:7.34.0-4.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_satellite_client:6::el8",
                "cpe:/a:redhat:rhel_satellite_client:6::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Satellite Client 6 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:7.34.0-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2025-09-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (\u0026#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS), impacting the availability of the affected component. This issue is the result of an incomplete fix for CVE-2024-49761."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1333",
                  "description": "Inefficient Regular Expression Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T23:53:54.096Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:17606",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17606"
            },
            {
              "name": "RHSA-2025:17613",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17613"
            },
            {
              "name": "RHSA-2025:17693",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17693"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-10990"
            },
            {
              "name": "RHBZ#2398216",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398216"
            },
            {
              "url": "https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f"
            },
            {
              "url": "https://github.com/ruby/rexml/security/advisories/GHSA-2rxp-v6pw-ch6m"
            },
            {
              "url": "https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-25T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-09-25T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Rexml: rexml: denial of service via inefficient regex parsing",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-1333: Inefficient Regular Expression Complexity"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-10990",
        "datePublished": "2026-02-27T13:32:02.309Z",
        "dateReserved": "2025-09-25T17:30:55.821Z",
        "dateUpdated": "2026-06-25T23:53:54.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0980 (GCVE-0-2026-0980)

    Vulnerability from nvd – Published: 2026-02-27 07:30 – Updated: 2026-03-26 23:10
    VLAI
    Title
    Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username
    Summary
    A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:5968 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:5970 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:5971 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-0980 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2429874 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:0.13.0-0.1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:0.13.0-0.1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2020-01-15 08:08
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0980",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T16:50:09.223915Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T18:49:02.471Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-0.1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-0.1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-0.1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-0.1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite:el8/rubygem-rubyipmi",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2020-01-15T08:08:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-26T23:10:23.847Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:5968",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5968"
            },
            {
              "name": "RHSA-2026:5970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5970"
            },
            {
              "name": "RHSA-2026:5971",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5971"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-0980"
            },
            {
              "name": "RHBZ#2429874",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429874"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-01-15T08:50:01.841Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2020-01-15T08:08:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-0980",
        "datePublished": "2026-02-27T07:30:42.657Z",
        "dateReserved": "2026-01-15T08:53:56.962Z",
        "dateUpdated": "2026-03-26T23:10:23.847Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-9572 (GCVE-0-2025-9572)

    Vulnerability from nvd – Published: 2026-02-27 07:28 – Updated: 2026-03-24 11:28
    VLAI
    Title
    Foreman: satellite: graphql api permission bypass leads to information disclosure
    Summary
    n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    The Foreman Foreman Affected: 1.22.0 , < 3.16.2 (semver)
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:3.9.1.14-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:6.15.5.7-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.12-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:6.16.5.6-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.12-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:6.16.5.6-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.11-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:4.18.0.4-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:6.18.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Date Public
    2025-08-29 06:12
    Credits
    Red Hat would like to thank Ohad Levy (Redhat) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9572",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T18:42:27.523966Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-27T18:42:37.881Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "unaffected",
              "packageName": "foreman",
              "product": "Foreman",
              "vendor": "The Foreman",
              "versions": [
                {
                  "lessThan": "3.16.2",
                  "status": "affected",
                  "version": "1.22.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.9.1.14-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.15.5.7-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.12-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.16.5.6-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.12-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.16.5.6-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.11-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0.4-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.18.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Ohad Levy (Redhat) for reporting this issue."
            }
          ],
          "datePublic": "2025-08-29T06:12:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "n authorization flaw in Foreman\u0027s GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-24T11:28:32.518Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:21886",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21886"
            },
            {
              "name": "RHSA-2025:21893",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21893"
            },
            {
              "name": "RHSA-2025:21894",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21894"
            },
            {
              "name": "RHSA-2025:21897",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21897"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-9572"
            },
            {
              "name": "RHBZ#2391715",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391715"
            },
            {
              "url": "https://theforeman.org/security.html#2025-9572"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-08-29T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-08-29T06:12:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: satellite: graphql api permission bypass leads to information disclosure",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-863: Incorrect Authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-9572",
        "datePublished": "2026-02-27T07:28:44.391Z",
        "dateReserved": "2025-08-28T08:47:45.693Z",
        "dateUpdated": "2026-03-24T11:28:32.518Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1531 (GCVE-0-2026-1531)

    Vulnerability from nvd – Published: 2026-02-02 05:47 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification
    Summary
    A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:0.2.0-2.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:0.2.0-2.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8     cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9     cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9     cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9     cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Date Public
    2026-01-28 12:34
    Credits
    This issue was discovered by Evgeni Golov (Red Hat).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1531",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-02T16:26:15.329498Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-02T16:28:40.750Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el8",
                  "cpe:/a:redhat:satellite_capsule:6.16::el8",
                  "cpe:/a:redhat:satellite_utils:6.16::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el9",
                  "cpe:/a:redhat:satellite_capsule:6.16::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                  "cpe:/a:redhat:satellite_utils:6.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.17::el9",
                  "cpe:/a:redhat:satellite_capsule:6.17::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                  "cpe:/a:redhat:satellite_utils:6.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.17 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.18::el9",
                  "cpe:/a:redhat:satellite_capsule:6.18::el9",
                  "cpe:/a:redhat:satellite_utils:6.18::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.18 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-01-28T12:34:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-295",
                    "description": "Improper Certificate Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:08.059Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1531"
              },
              {
                "name": "RHBZ#2433786",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433786"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1531.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5971"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5970"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5968"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:5971: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5970: Red Hat Satellite 6.17 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5968: Red Hat Satellite 6.18 for RHEL 9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-01-28T12:50:13.269Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-01-28T12:34:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this issue, ensure that a Certificate Authority (CA) certificate is explicitly configured when setting up the connection to OpenShift in foreman_kubevirt. This will enable SSL verification and prevent Man-in-the-Middle attacks. Refer to the foreman_kubevirt documentation for specific instructions on configuring CA certificates. A restart or service reload may be required for the changes to take effect."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.2.0-2.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.2.0-2.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite:el8/rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered by Evgeni Golov (Red Hat)."
            }
          ],
          "datePublic": "2026-01-28T12:34:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-26T23:00:06.609Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:5968",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5968"
            },
            {
              "name": "RHSA-2026:5970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5970"
            },
            {
              "name": "RHSA-2026:5971",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5971"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-1531"
            },
            {
              "name": "RHBZ#2433786",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433786"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-01-28T12:50:13.269Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-01-28T12:34:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification",
          "workarounds": [
            {
              "lang": "en",
              "value": "To mitigate this issue, ensure that a Certificate Authority (CA) certificate is explicitly configured when setting up the connection to OpenShift in foreman_kubevirt. This will enable SSL verification and prevent Man-in-the-Middle attacks. Refer to the foreman_kubevirt documentation for specific instructions on configuring CA certificates. A restart or service reload may be required for the changes to take effect."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-1531",
        "datePublished": "2026-02-02T05:47:09.570Z",
        "dateReserved": "2026-01-28T12:52:40.355Z",
        "dateUpdated": "2026-06-30T12:07:08.059Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1530 (GCVE-0-2026-1530)

    Vulnerability from nvd – Published: 2026-02-02 05:47 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation
    Summary
    A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:1.5.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8     cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9     cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9     cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Date Public
    2026-01-28 12:40
    Credits
    This issue was discovered by Evgeni Golov (Red Hat).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1530",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-02T16:26:13.539148Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-02T16:28:31.327Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el8",
                  "cpe:/a:redhat:satellite_capsule:6.16::el8",
                  "cpe:/a:redhat:satellite_utils:6.16::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el9",
                  "cpe:/a:redhat:satellite_capsule:6.16::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                  "cpe:/a:redhat:satellite_utils:6.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.17::el9",
                  "cpe:/a:redhat:satellite_capsule:6.17::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                  "cpe:/a:redhat:satellite_utils:6.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.17 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-01-28T12:40:37.424Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-295",
                    "description": "Improper Certificate Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:08.334Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1530"
              },
              {
                "name": "RHBZ#2433784",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433784"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1530.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5971"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5970"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:5971: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5970: Red Hat Satellite 6.17 for RHEL 9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-01-28T12:39:43.076Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-01-28T12:40:37.424Z",
                "value": "Made public."
              }
            ],
            "title": "fog-kubevirt: fog-kubevirt: Man-in-the-Middle vulnerability due to disabled certificate validation",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite:el8/rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered by Evgeni Golov (Red Hat)."
            }
          ],
          "datePublic": "2026-01-28T12:40:37.424Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-26T20:31:44.599Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:5970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5970"
            },
            {
              "name": "RHSA-2026:5971",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5971"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-1530"
            },
            {
              "name": "RHBZ#2433784",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433784"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-01-28T12:39:43.076Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-01-28T12:40:37.424Z",
              "value": "Made public."
            }
          ],
          "title": "Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-1530",
        "datePublished": "2026-02-02T05:47:10.049Z",
        "dateReserved": "2026-01-28T12:41:52.835Z",
        "dateUpdated": "2026-06-30T12:07:08.334Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10622 (GCVE-0-2025-10622)

    Vulnerability from nvd – Published: 2025-11-05 07:32 – Updated: 2026-02-26 17:47
    VLAI
    Title
    Foreman: os command injection via ct_location and fcct_location parameters
    Summary
    A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    The Foreman Foreman Affected: 3.12.0 , < 3.16.1 (semver)
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:3.9.1.13-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.11-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.11-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.10-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.4-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_maintenance:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2025-11-01 23:59
    Credits
    Red Hat would like to thank Michał Bartoszuk (stmcyber.pl) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10622",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-06T04:55:32.773793Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:47:17.722Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "unaffected",
              "packageName": "foreman",
              "product": "Foreman",
              "vendor": "The Foreman",
              "versions": [
                {
                  "lessThan": "3.16.1",
                  "status": "affected",
                  "version": "3.12.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.9.1.13-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.11-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.11-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.10-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_maintenance:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.4-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Micha\u0142 Bartoszuk (stmcyber.pl) for reporting this issue."
            }
          ],
          "datePublic": "2025-11-01T23:59:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-06T20:07:02.486Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:19721",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19721"
            },
            {
              "name": "RHSA-2025:19832",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19832"
            },
            {
              "name": "RHSA-2025:19855",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19855"
            },
            {
              "name": "RHSA-2025:19856",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19856"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-10622"
            },
            {
              "name": "RHBZ#2396020",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396020"
            },
            {
              "url": "https://theforeman.org/security.html#2025-10622"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-17T09:07:39.743Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-11-01T23:59:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: os command injection via ct_location and fcct_location parameters",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-10622",
        "datePublished": "2025-11-05T07:32:14.390Z",
        "dateReserved": "2025-09-17T11:48:59.825Z",
        "dateUpdated": "2026-02-26T17:47:17.722Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-8553 (GCVE-0-2024-8553)

    Vulnerability from nvd – Published: 2024-10-31 15:01 – Updated: 2025-11-11 16:10
    VLAI
    Title
    Foreman: read-only access to entire db from templates
    Summary
    A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:8717 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8718 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8719 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-8553 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2312524 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:3.5.1.25-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.14-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:3.9.1.11-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Date Public
    2024-10-31 14:29
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8553",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-31T15:52:21.343746Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T15:52:36.245Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "affected",
              "packageName": "foreman"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.25-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.14-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.9.1.11-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-10-31T14:29:39.030Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Foreman\u0027s loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman\u0027s database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T16:10:06.757Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:8717",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8717"
            },
            {
              "name": "RHSA-2024:8718",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8718"
            },
            {
              "name": "RHSA-2024:8719",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8719"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-8553"
            },
            {
              "name": "RHBZ#2312524",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312524"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-09-16T07:20:13.067Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-10-31T14:29:39.030Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: read-only access to entire db from templates",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-8553",
        "datePublished": "2024-10-31T15:01:16.401Z",
        "dateReserved": "2024-09-06T20:25:15.408Z",
        "dateUpdated": "2025-11-11T16:10:06.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7923 (GCVE-0-2024-7923)

    Vulnerability from nvd – Published: 2024-09-04 13:41 – Updated: 2025-11-11 16:12
    VLAI
    Title
    Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore
    Summary
    An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:6335 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6336 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-7923 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2305718 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 0 , < 22.0 (custom)
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 1:3.5.2.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 1:3.9.3.4-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 1:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 1:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Update Infrastructure 4 for Cloud Providers     cpe:/a:redhat:rhui:4::el8
    Create a notification for this product.
    Date Public
    2024-09-04 13:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7923",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T15:28:06.080066Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T15:29:14.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/puppet-pulpcore",
              "defaultStatus": "unaffected",
              "packageName": "pulpcore",
              "versions": [
                {
                  "lessThan": "22.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "pulpcore-selinux",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "python-pulpcore",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "python-pulpcore-client",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-09-04T13:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Critical"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T16:12:18.584Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:6335",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6335"
            },
            {
              "name": "RHSA-2024:6336",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6336"
            },
            {
              "name": "RHSA-2024:6337",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6337"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-7923"
            },
            {
              "name": "RHBZ#2305718",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305718"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-08-19T12:36:58.759Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-09-04T13:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-287: Improper Authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-7923",
        "datePublished": "2024-09-04T13:41:48.872Z",
        "dateReserved": "2024-08-19T12:40:08.047Z",
        "dateUpdated": "2025-11-11T16:12:18.584Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7012 (GCVE-0-2024-7012)

    Vulnerability from nvd – Published: 2024-09-04 13:41 – Updated: 2025-11-11 15:29
    VLAI
    Title
    Puppet-foreman: an authentication bypass vulnerability exists in foreman
    Summary
    An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:6335 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6336 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-7012 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2299429 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 0 , < 22.0 (semver)
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 1:3.5.2.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 1:3.9.3.4-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 1:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 1:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
    Create a notification for this product.
    Date Public
    2024-09-04 13:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7012",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-23T17:16:24.550968Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-23T17:16:34.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/puppet-foreman",
              "defaultStatus": "unaffected",
              "packageName": "puppet-foreman",
              "versions": [
                {
                  "lessThan": "22.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-09-04T13:14:02.531Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Critical"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T15:29:25.711Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:6335",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6335"
            },
            {
              "name": "RHSA-2024:6336",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6336"
            },
            {
              "name": "RHSA-2024:6337",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6337"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-7012"
            },
            {
              "name": "RHBZ#2299429",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299429"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-23T04:51:12.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-09-04T13:14:02.531Z",
              "value": "Made public."
            }
          ],
          "title": "Puppet-foreman: an authentication bypass vulnerability exists in foreman",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-287: Improper Authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-7012",
        "datePublished": "2024-09-04T13:41:17.877Z",
        "dateReserved": "2024-07-23T05:02:30.865Z",
        "dateUpdated": "2025-11-11T15:29:25.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5138 (GCVE-0-2026-5138)

    Vulnerability from cvelistv5 – Published: 2026-07-01 14:08 – Updated: 2026-07-01 23:53
    VLAI
    Title
    Foreman: foreman: information disclosure via improper validation of nested request parameters
    Summary
    A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-tenant information disclosure vulnerability. This flaw occurs because the taxonomy_scope controller method does not properly validate organization and location IDs from nested request parameters, bypassing existing authorization checks. This allows the user to leak sensitive infrastructure metadata, including subnet topology, IP ranges, gateways, DNS servers, and VLAN IDs, from organizations and locations they are not authorized to access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-5138 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2452971 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9 Unaffected: 0:3.18.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2026-07-01 12:29
    Credits
    Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T14:39:42.711601Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T14:39:49.816Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.19::el9",
                "cpe:/a:redhat:satellite_capsule:6.19::el9",
                "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                "cpe:/a:redhat:satellite_utils:6.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.19 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.18.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-capsule:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue."
            }
          ],
          "datePublic": "2026-07-01T12:29:33.423Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-tenant information disclosure vulnerability. This flaw occurs because the taxonomy_scope controller method does not properly validate organization and location IDs from nested request parameters, bypassing existing authorization checks. This allows the user to leak sensitive infrastructure metadata, including subnet topology, IP ranges, gateways, DNS servers, and VLAN IDs, from organizations and locations they are not authorized to access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T23:53:14.772Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:34365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34365"
            },
            {
              "name": "RHSA-2026:34366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34366"
            },
            {
              "name": "RHSA-2026:34367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34367"
            },
            {
              "name": "RHSA-2026:34368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34368"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-5138"
            },
            {
              "name": "RHBZ#2452971",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452971"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-30T10:51:04.461Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-07-01T12:29:33.423Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: foreman: information disclosure via improper validation of nested request parameters",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-639: Authorization Bypass Through User-Controlled Key"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-5138",
        "datePublished": "2026-07-01T14:08:43.978Z",
        "dateReserved": "2026-03-30T10:53:25.776Z",
        "dateUpdated": "2026-07-01T23:53:14.772Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5135 (GCVE-0-2026-5135)

    Vulnerability from cvelistv5 – Published: 2026-07-01 14:08 – Updated: 2026-07-01 23:53
    VLAI
    Title
    Foreman: foreman: unauthorized modification of host configurations via broken access control
    Summary
    A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing authorisation checks. The consequence is the potential for unauthorised modification of managed host configurations across different organisational and location boundaries.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-5135 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2452230 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9 Unaffected: 0:3.18.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2026-04-15 12:34
    Credits
    Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5135",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T14:52:27.488776Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T14:54:21.883Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.19::el9",
                "cpe:/a:redhat:satellite_capsule:6.19::el9",
                "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                "cpe:/a:redhat:satellite_utils:6.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.19 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.18.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-capsule:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue."
            }
          ],
          "datePublic": "2026-04-15T12:34:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing authorisation checks. The consequence is the potential for unauthorised modification of managed host configurations across different organisational and location boundaries."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T23:53:14.087Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:34365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34365"
            },
            {
              "name": "RHSA-2026:34366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34366"
            },
            {
              "name": "RHSA-2026:34367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34367"
            },
            {
              "name": "RHSA-2026:34368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34368"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-5135"
            },
            {
              "name": "RHBZ#2452230",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452230"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-27T13:22:30.704Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-15T12:34:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: foreman: unauthorized modification of host configurations via broken access control",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-639: Authorization Bypass Through User-Controlled Key"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-5135",
        "datePublished": "2026-07-01T14:08:39.712Z",
        "dateReserved": "2026-03-30T10:42:55.307Z",
        "dateUpdated": "2026-07-01T23:53:14.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5142 (GCVE-0-2026-5142)

    Vulnerability from cvelistv5 – Published: 2026-07-01 14:07 – Updated: 2026-07-01 23:53
    VLAI
    Title
    Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass
    Summary
    A flaw was found in foreman. Authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them to download private SSH (Secure Shell) keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments, potentially compromising sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-5142 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2452999 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9 Unaffected: 0:3.18.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2026-04-30 12:34
    Credits
    Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5142",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T15:01:12.115967Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T15:01:19.821Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.19::el9",
                "cpe:/a:redhat:satellite_capsule:6.19::el9",
                "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                "cpe:/a:redhat:satellite_utils:6.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.19 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.18.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-capsule:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue."
            }
          ],
          "datePublic": "2026-04-30T12:34:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in foreman. Authenticated users with \u0027view_keypairs\u0027 permission can bypass taxonomy scoping, allowing them to download private SSH (Secure Shell) keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments, potentially compromising sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T23:53:16.614Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:34365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34365"
            },
            {
              "name": "RHSA-2026:34366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34366"
            },
            {
              "name": "RHSA-2026:34367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34367"
            },
            {
              "name": "RHSA-2026:34368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34368"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-5142"
            },
            {
              "name": "RHBZ#2452999",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452999"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-30T12:04:45.283Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-30T12:34:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-639: Authorization Bypass Through User-Controlled Key"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-5142",
        "datePublished": "2026-07-01T14:07:55.662Z",
        "dateReserved": "2026-03-30T12:08:56.764Z",
        "dateUpdated": "2026-07-01T23:53:16.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5136 (GCVE-0-2026-5136)

    Vulnerability from cvelistv5 – Published: 2026-07-01 13:28 – Updated: 2026-07-02 03:56
    VLAI
    Title
    Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation
    Summary
    A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. Successful exploitation of this vulnerability leads to full privilege escalation, granting the attacker administrator-level access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-5136 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2452970 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.17-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9 Unaffected: 0:3.18.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2026-07-01 12:28
    Credits
    Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5136",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T03:56:14.203Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.17-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.19::el9",
                "cpe:/a:redhat:satellite_capsule:6.19::el9",
                "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                "cpe:/a:redhat:satellite_utils:6.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.19 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.18.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-capsule:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue."
            }
          ],
          "datePublic": "2026-07-01T12:28:21.744Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user\u0027s permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. Successful exploitation of this vulnerability leads to full privilege escalation, granting the attacker administrator-level access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T23:37:57.480Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:34365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34365"
            },
            {
              "name": "RHSA-2026:34366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34366"
            },
            {
              "name": "RHSA-2026:34367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34367"
            },
            {
              "name": "RHSA-2026:34368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:34368"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-5136"
            },
            {
              "name": "RHBZ#2452970",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452970"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-30T10:41:48.559Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-07-01T12:28:21.744Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-5136",
        "datePublished": "2026-07-01T13:28:00.316Z",
        "dateReserved": "2026-03-30T10:47:46.043Z",
        "dateUpdated": "2026-07-02T03:56:14.203Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1961 (GCVE-0-2026-1961)

    Vulnerability from cvelistv5 – Published: 2026-03-26 12:53 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Forman: foreman: remote code execution via command injection in websocket proxy
    Summary
    A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.14-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.12-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8     cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9     cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9     cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9     cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Date Public
    2026-03-26 12:30
    Credits
    Red Hat would like to thank Houssam Sahli for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1961",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-26T13:11:15.689121Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-26T13:11:42.162Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-03-27T16:18:13.602Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/03/27/3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el8",
                  "cpe:/a:redhat:satellite_capsule:6.16::el8",
                  "cpe:/a:redhat:satellite_utils:6.16::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el9",
                  "cpe:/a:redhat:satellite_capsule:6.16::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                  "cpe:/a:redhat:satellite_utils:6.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.17::el9",
                  "cpe:/a:redhat:satellite_capsule:6.17::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                  "cpe:/a:redhat:satellite_utils:6.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.17 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.18::el9",
                  "cpe:/a:redhat:satellite_capsule:6.18::el9",
                  "cpe:/a:redhat:satellite_utils:6.18::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.18 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-26T12:30:45.446Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman\u0027s WebSocket proxy implementation. This vulnerability arises from the system\u0027s use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:04.779Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1961"
              },
              {
                "name": "RHBZ#2437036",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437036"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1961.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5971"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5970"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5968"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:5971: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5970: Red Hat Satellite 6.17 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5968: Red Hat Satellite 6.18 for RHEL 9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-02-05T10:40:57.141Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-26T12:30:45.446Z",
                "value": "Made public."
              }
            ],
            "title": "forman: Foreman: Remote Code Execution via command injection in WebSocket proxy",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.14-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.12-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite-utils:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Houssam Sahli for reporting this issue."
            }
          ],
          "datePublic": "2026-03-26T12:30:45.446Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman\u0027s WebSocket proxy implementation. This vulnerability arises from the system\u0027s use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T04:12:46.774Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:5968",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5968"
            },
            {
              "name": "RHSA-2026:5970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5970"
            },
            {
              "name": "RHSA-2026:5971",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5971"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-1961"
            },
            {
              "name": "RHBZ#2437036",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437036"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-05T10:40:57.141Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-03-26T12:30:45.446Z",
              "value": "Made public."
            }
          ],
          "title": "Forman: foreman: remote code execution via command injection in websocket proxy",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-1961",
        "datePublished": "2026-03-26T12:53:09.566Z",
        "dateReserved": "2026-02-05T10:43:18.671Z",
        "dateUpdated": "2026-06-30T12:07:04.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10990 (GCVE-0-2025-10990)

    Vulnerability from cvelistv5 – Published: 2026-02-27 13:32 – Updated: 2026-06-25 23:53
    VLAI
    Title
    Rexml: rexml: denial of service via inefficient regex parsing
    Summary
    A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS), impacting the availability of the affected component. This issue is the result of an incomplete fix for CVE-2024-49761.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1333 - Inefficient Regular Expression Complexity
    Assigner
    Impacted products
    Vendor Product Version
    Unaffected: 6.17.5
    Unaffected: 6.16.5.4
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:8.8.1-3.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:8.8.1-3.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:8.8.1-3.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Satellite Client 6 for RHEL 8 Unaffected: 0:7.34.0-4.el8sat , < * (rpm)
        cpe:/a:redhat:rhel_satellite_client:6::el8
        cpe:/a:redhat:rhel_satellite_client:6::el9
    Create a notification for this product.
    Red Hat Satellite Client 6 for RHEL 9 Unaffected: 0:7.34.0-4.el9sat , < * (rpm)
        cpe:/a:redhat:rhel_satellite_client:6::el8
        cpe:/a:redhat:rhel_satellite_client:6::el9
    Create a notification for this product.
    Date Public
    2025-09-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10990",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T18:43:48.686335Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-27T18:43:57.501Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.redhat.com/en/technologies/management/satellite",
              "defaultStatus": "unaffected",
              "packageName": "Red Hat Satellite",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "6.17.5"
                },
                {
                  "status": "unaffected",
                  "version": "6.16.5.4"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:8.8.1-3.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_satellite_client:6::el8",
                "cpe:/a:redhat:rhel_satellite_client:6::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Satellite Client 6 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:7.34.0-4.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_satellite_client:6::el8",
                "cpe:/a:redhat:rhel_satellite_client:6::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "puppet-agent",
              "product": "Satellite Client 6 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:7.34.0-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2025-09-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (\u0026#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS), impacting the availability of the affected component. This issue is the result of an incomplete fix for CVE-2024-49761."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1333",
                  "description": "Inefficient Regular Expression Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-25T23:53:54.096Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:17606",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17606"
            },
            {
              "name": "RHSA-2025:17613",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17613"
            },
            {
              "name": "RHSA-2025:17693",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17693"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-10990"
            },
            {
              "name": "RHBZ#2398216",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398216"
            },
            {
              "url": "https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f"
            },
            {
              "url": "https://github.com/ruby/rexml/security/advisories/GHSA-2rxp-v6pw-ch6m"
            },
            {
              "url": "https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-25T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-09-25T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Rexml: rexml: denial of service via inefficient regex parsing",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-1333: Inefficient Regular Expression Complexity"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-10990",
        "datePublished": "2026-02-27T13:32:02.309Z",
        "dateReserved": "2025-09-25T17:30:55.821Z",
        "dateUpdated": "2026-06-25T23:53:54.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0980 (GCVE-0-2026-0980)

    Vulnerability from cvelistv5 – Published: 2026-02-27 07:30 – Updated: 2026-03-26 23:10
    VLAI
    Title
    Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username
    Summary
    A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:5968 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:5970 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:5971 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-0980 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2429874 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:0.13.0-0.1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:0.13.0-0.1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2020-01-15 08:08
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0980",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T16:50:09.223915Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T18:49:02.471Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-0.1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-0.1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-0.1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-0.1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9",
                "cpe:/a:redhat:satellite_capsule:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite:el8/rubygem-rubyipmi",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2020-01-15T08:08:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-26T23:10:23.847Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:5968",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5968"
            },
            {
              "name": "RHSA-2026:5970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5970"
            },
            {
              "name": "RHSA-2026:5971",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5971"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-0980"
            },
            {
              "name": "RHBZ#2429874",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429874"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-01-15T08:50:01.841Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2020-01-15T08:08:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-0980",
        "datePublished": "2026-02-27T07:30:42.657Z",
        "dateReserved": "2026-01-15T08:53:56.962Z",
        "dateUpdated": "2026-03-26T23:10:23.847Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-9572 (GCVE-0-2025-9572)

    Vulnerability from cvelistv5 – Published: 2026-02-27 07:28 – Updated: 2026-03-24 11:28
    VLAI
    Title
    Foreman: satellite: graphql api permission bypass leads to information disclosure
    Summary
    n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    The Foreman Foreman Affected: 1.22.0 , < 3.16.2 (semver)
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:3.9.1.14-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:6.15.5.7-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.12-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:6.16.5.6-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.12-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:6.16.5.6-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.11-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:4.18.0.4-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:6.18.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Date Public
    2025-08-29 06:12
    Credits
    Red Hat would like to thank Ohad Levy (Redhat) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9572",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T18:42:27.523966Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-27T18:42:37.881Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "unaffected",
              "packageName": "foreman",
              "product": "Foreman",
              "vendor": "The Foreman",
              "versions": [
                {
                  "lessThan": "3.16.2",
                  "status": "affected",
                  "version": "1.22.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.9.1.14-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.15.5.7-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.12-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.16.5.6-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.12-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.16.5.6-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.11-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0.4-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.18.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Ohad Levy (Redhat) for reporting this issue."
            }
          ],
          "datePublic": "2025-08-29T06:12:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "n authorization flaw in Foreman\u0027s GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-24T11:28:32.518Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:21886",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21886"
            },
            {
              "name": "RHSA-2025:21893",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21893"
            },
            {
              "name": "RHSA-2025:21894",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21894"
            },
            {
              "name": "RHSA-2025:21897",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21897"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-9572"
            },
            {
              "name": "RHBZ#2391715",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391715"
            },
            {
              "url": "https://theforeman.org/security.html#2025-9572"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-08-29T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-08-29T06:12:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: satellite: graphql api permission bypass leads to information disclosure",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-863: Incorrect Authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-9572",
        "datePublished": "2026-02-27T07:28:44.391Z",
        "dateReserved": "2025-08-28T08:47:45.693Z",
        "dateUpdated": "2026-03-24T11:28:32.518Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1530 (GCVE-0-2026-1530)

    Vulnerability from cvelistv5 – Published: 2026-02-02 05:47 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation
    Summary
    A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:1.5.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8     cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9     cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9     cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Date Public
    2026-01-28 12:40
    Credits
    This issue was discovered by Evgeni Golov (Red Hat).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1530",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-02T16:26:13.539148Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-02T16:28:31.327Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el8",
                  "cpe:/a:redhat:satellite_capsule:6.16::el8",
                  "cpe:/a:redhat:satellite_utils:6.16::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el9",
                  "cpe:/a:redhat:satellite_capsule:6.16::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                  "cpe:/a:redhat:satellite_utils:6.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.17::el9",
                  "cpe:/a:redhat:satellite_capsule:6.17::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                  "cpe:/a:redhat:satellite_utils:6.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.17 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-01-28T12:40:37.424Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-295",
                    "description": "Improper Certificate Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:08.334Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1530"
              },
              {
                "name": "RHBZ#2433784",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433784"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1530.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5971"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5970"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:5971: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5970: Red Hat Satellite 6.17 for RHEL 9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-01-28T12:39:43.076Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-01-28T12:40:37.424Z",
                "value": "Made public."
              }
            ],
            "title": "fog-kubevirt: fog-kubevirt: Man-in-the-Middle vulnerability due to disabled certificate validation",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite:el8/rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered by Evgeni Golov (Red Hat)."
            }
          ],
          "datePublic": "2026-01-28T12:40:37.424Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-26T20:31:44.599Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:5970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5970"
            },
            {
              "name": "RHSA-2026:5971",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5971"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-1530"
            },
            {
              "name": "RHBZ#2433784",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433784"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-01-28T12:39:43.076Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-01-28T12:40:37.424Z",
              "value": "Made public."
            }
          ],
          "title": "Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-1530",
        "datePublished": "2026-02-02T05:47:10.049Z",
        "dateReserved": "2026-01-28T12:41:52.835Z",
        "dateUpdated": "2026-06-30T12:07:08.334Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1531 (GCVE-0-2026-1531)

    Vulnerability from cvelistv5 – Published: 2026-02-02 05:47 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification
    Summary
    A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:0.2.0-2.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:0.2.0-2.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8     cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9     cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9     cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9     cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Date Public
    2026-01-28 12:34
    Credits
    This issue was discovered by Evgeni Golov (Red Hat).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1531",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-02T16:26:15.329498Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-02T16:28:40.750Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el8",
                  "cpe:/a:redhat:satellite_capsule:6.16::el8",
                  "cpe:/a:redhat:satellite_utils:6.16::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el9",
                  "cpe:/a:redhat:satellite_capsule:6.16::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                  "cpe:/a:redhat:satellite_utils:6.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.17::el9",
                  "cpe:/a:redhat:satellite_capsule:6.17::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                  "cpe:/a:redhat:satellite_utils:6.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.17 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.18::el9",
                  "cpe:/a:redhat:satellite_capsule:6.18::el9",
                  "cpe:/a:redhat:satellite_utils:6.18::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.18 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-01-28T12:34:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-295",
                    "description": "Improper Certificate Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:08.059Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1531"
              },
              {
                "name": "RHBZ#2433786",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433786"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1531.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5971"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5970"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:5968"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:5971: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5970: Red Hat Satellite 6.17 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:5968: Red Hat Satellite 6.18 for RHEL 9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-01-28T12:50:13.269Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-01-28T12:34:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this issue, ensure that a Certificate Authority (CA) certificate is explicitly configured when setting up the connection to OpenShift in foreman_kubevirt. This will enable SSL verification and prevent Man-in-the-Middle attacks. Refer to the foreman_kubevirt documentation for specific instructions on configuring CA certificates. A restart or service reload may be required for the changes to take effect."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.2.0-2.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.2.0-2.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "libcomps",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.1.23-0.3.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-brotli",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.2.0-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-django",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.2.28-0.1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-container",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.22.3-1.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-pulp-rpm",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.27.10-2.el9pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-fog-kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-katello",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.16.0.14-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-rubyipmi",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.13.0-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:6.17.7-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9",
                "cpe:/a:redhat:satellite_capsule:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "yggdrasil-worker-forwarder",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.0.3-4.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.3-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite:el8/rubygem-foreman_kubevirt",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered by Evgeni Golov (Red Hat)."
            }
          ],
          "datePublic": "2026-01-28T12:34:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-26T23:00:06.609Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:5968",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5968"
            },
            {
              "name": "RHSA-2026:5970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5970"
            },
            {
              "name": "RHSA-2026:5971",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:5971"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-1531"
            },
            {
              "name": "RHBZ#2433786",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433786"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-01-28T12:50:13.269Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-01-28T12:34:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification",
          "workarounds": [
            {
              "lang": "en",
              "value": "To mitigate this issue, ensure that a Certificate Authority (CA) certificate is explicitly configured when setting up the connection to OpenShift in foreman_kubevirt. This will enable SSL verification and prevent Man-in-the-Middle attacks. Refer to the foreman_kubevirt documentation for specific instructions on configuring CA certificates. A restart or service reload may be required for the changes to take effect."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-1531",
        "datePublished": "2026-02-02T05:47:09.570Z",
        "dateReserved": "2026-01-28T12:52:40.355Z",
        "dateUpdated": "2026-06-30T12:07:08.059Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10622 (GCVE-0-2025-10622)

    Vulnerability from cvelistv5 – Published: 2025-11-05 07:32 – Updated: 2026-02-26 17:47
    VLAI
    Title
    Foreman: os command injection via ct_location and fcct_location parameters
    Summary
    A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    The Foreman Foreman Affected: 3.12.0 , < 3.16.1 (semver)
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:3.9.1.13-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.11-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.11-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.10-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.17::el9
        cpe:/a:redhat:satellite:6.17::el9
        cpe:/a:redhat:satellite_utils:6.17::el9
        cpe:/a:redhat:satellite_maintenance:6.17::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:3.16.0.4-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.18::el9
        cpe:/a:redhat:satellite:6.18::el9
        cpe:/a:redhat:satellite_maintenance:6.18::el9
        cpe:/a:redhat:satellite_utils:6.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Date Public
    2025-11-01 23:59
    Credits
    Red Hat would like to thank Michał Bartoszuk (stmcyber.pl) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10622",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-06T04:55:32.773793Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:47:17.722Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "unaffected",
              "packageName": "foreman",
              "product": "Foreman",
              "vendor": "The Foreman",
              "versions": [
                {
                  "lessThan": "3.16.1",
                  "status": "affected",
                  "version": "3.12.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.9.1.13-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.11-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.11-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.17::el9",
                "cpe:/a:redhat:satellite:6.17::el9",
                "cpe:/a:redhat:satellite_utils:6.17::el9",
                "cpe:/a:redhat:satellite_maintenance:6.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.17 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.14.0.10-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.18::el9",
                "cpe:/a:redhat:satellite:6.18::el9",
                "cpe:/a:redhat:satellite_maintenance:6.18::el9",
                "cpe:/a:redhat:satellite_utils:6.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.18 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.16.0.4-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "affected",
              "packageName": "satellite:el8/foreman",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Micha\u0142 Bartoszuk (stmcyber.pl) for reporting this issue."
            }
          ],
          "datePublic": "2025-11-01T23:59:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-06T20:07:02.486Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:19721",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19721"
            },
            {
              "name": "RHSA-2025:19832",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19832"
            },
            {
              "name": "RHSA-2025:19855",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19855"
            },
            {
              "name": "RHSA-2025:19856",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19856"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-10622"
            },
            {
              "name": "RHBZ#2396020",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396020"
            },
            {
              "url": "https://theforeman.org/security.html#2025-10622"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-17T09:07:39.743Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-11-01T23:59:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: os command injection via ct_location and fcct_location parameters",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-10622",
        "datePublished": "2025-11-05T07:32:14.390Z",
        "dateReserved": "2025-09-17T11:48:59.825Z",
        "dateUpdated": "2026-02-26T17:47:17.722Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-8553 (GCVE-0-2024-8553)

    Vulnerability from cvelistv5 – Published: 2024-10-31 15:01 – Updated: 2025-11-11 16:10
    VLAI
    Title
    Foreman: read-only access to entire db from templates
    Summary
    A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:8717 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8718 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8719 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-8553 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2312524 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:3.5.1.25-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.14-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:3.9.1.11-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Date Public
    2024-10-31 14:29
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8553",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-31T15:52:21.343746Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T15:52:36.245Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "affected",
              "packageName": "foreman"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.25-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.14-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.9.1.11-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-10-31T14:29:39.030Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Foreman\u0027s loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman\u0027s database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T16:10:06.757Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:8717",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8717"
            },
            {
              "name": "RHSA-2024:8718",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8718"
            },
            {
              "name": "RHSA-2024:8719",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8719"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-8553"
            },
            {
              "name": "RHBZ#2312524",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312524"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-09-16T07:20:13.067Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-10-31T14:29:39.030Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: read-only access to entire db from templates",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-8553",
        "datePublished": "2024-10-31T15:01:16.401Z",
        "dateReserved": "2024-09-06T20:25:15.408Z",
        "dateUpdated": "2025-11-11T16:10:06.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7923 (GCVE-0-2024-7923)

    Vulnerability from cvelistv5 – Published: 2024-09-04 13:41 – Updated: 2025-11-11 16:12
    VLAI
    Title
    Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore
    Summary
    An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:6335 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6336 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-7923 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2305718 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 0 , < 22.0 (custom)
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 1:3.5.2.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 1:3.9.3.4-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 1:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 1:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Update Infrastructure 4 for Cloud Providers     cpe:/a:redhat:rhui:4::el8
    Create a notification for this product.
    Date Public
    2024-09-04 13:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7923",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T15:28:06.080066Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T15:29:14.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/puppet-pulpcore",
              "defaultStatus": "unaffected",
              "packageName": "pulpcore",
              "versions": [
                {
                  "lessThan": "22.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "pulpcore-selinux",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "python-pulpcore",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "python-pulpcore-client",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-09-04T13:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Critical"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T16:12:18.584Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:6335",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6335"
            },
            {
              "name": "RHSA-2024:6336",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6336"
            },
            {
              "name": "RHSA-2024:6337",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6337"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-7923"
            },
            {
              "name": "RHBZ#2305718",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305718"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-08-19T12:36:58.759Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-09-04T13:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-287: Improper Authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-7923",
        "datePublished": "2024-09-04T13:41:48.872Z",
        "dateReserved": "2024-08-19T12:40:08.047Z",
        "dateUpdated": "2025-11-11T16:12:18.584Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7012 (GCVE-0-2024-7012)

    Vulnerability from cvelistv5 – Published: 2024-09-04 13:41 – Updated: 2025-11-11 15:29
    VLAI
    Title
    Puppet-foreman: an authentication bypass vulnerability exists in foreman
    Summary
    An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:6335 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6336 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-7012 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2299429 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 0 , < 22.0 (semver)
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 1:3.5.2.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 1:3.9.3.4-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 1:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 1:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
    Create a notification for this product.
    Date Public
    2024-09-04 13:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7012",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-23T17:16:24.550968Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-23T17:16:34.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/puppet-foreman",
              "defaultStatus": "unaffected",
              "packageName": "puppet-foreman",
              "versions": [
                {
                  "lessThan": "22.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-09-04T13:14:02.531Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Critical"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T15:29:25.711Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:6335",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6335"
            },
            {
              "name": "RHSA-2024:6336",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6336"
            },
            {
              "name": "RHSA-2024:6337",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6337"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-7012"
            },
            {
              "name": "RHBZ#2299429",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299429"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-23T04:51:12.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-09-04T13:14:02.531Z",
              "value": "Made public."
            }
          ],
          "title": "Puppet-foreman: an authentication bypass vulnerability exists in foreman",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-287: Improper Authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-7012",
        "datePublished": "2024-09-04T13:41:17.877Z",
        "dateReserved": "2024-07-23T05:02:30.865Z",
        "dateUpdated": "2025-11-11T15:29:25.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }