CVE Alert

CVE-2026-5138

MEDIUM 4.3

Foreman: foreman: information disclosure via improper validation of nested request parameters

CVSS Score: 4.3
EPSS Score: 0.0%
EPSS Percentile: 0th

A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-tenant information disclosure vulnerability. This flaw occurs because the taxonomy_scope controller method does not properly validate organization and location IDs from nested request parameters, bypassing existing authorization checks. This allows the user to leak sensitive infrastructure metadata, including subnet topology, IP ranges, gateways, DNS servers, and VLAN IDs, from organizations and locations they are not authorized to access.

CWE: CWE-639
Vendor: Red Hat
Product: Red Hat Satellite 6
Published: Jul 1, 2026
Last Updated: Jul 1, 2026

CVSS v3 Breakdown

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None

Affected Versions

Red Hat / Red Hat Satellite 6: All versions affected

References

access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-5138
bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2452971

Credits

Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.