PatchSiren cyber security CVE debrief
CVE-2026-5135 Red Hat CVE debrief
A flaw was found in Foreman, a broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing authorisation checks. The consequence is the potential for unauthorised modification of managed host configurations across different organisational and location boundaries.
- Vendor
- Red Hat
- Product
- Red Hat Satellite 6.16 for RHEL 8
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-01
- Original CVE updated
- 2026-07-09
- Advisory published
- 2026-07-01
- Advisory updated
- 2026-07-09
Who should care
Organisations using Foreman for host management, particularly those with multiple hosts and complex configuration setups, should be aware of this vulnerability. Users with host-edit permissions are at risk of being exploited, potentially leading to unauthorised configuration changes.
Technical summary
The vulnerability exists in Foreman's handling of lookup value overrides. An authenticated user with host-edit permissions can modify the match field of an existing override, redirecting it to a different host. This action bypasses authorisation checks, allowing for potential configuration changes across organisational and location boundaries. The vulnerability is characterised by its ability to be exploited through nested host attributes.
Defensive priority
Medium priority due to the requirement for host-edit permissions and the potential for significant impact if exploited.
Recommended defensive actions
- Review and restrict host-edit permissions to only those who require them.
- Monitor Foreman logs for unusual activity related to lookup value overrides.
- Apply vendor patches or updates as soon as they are available.
- Consider implementing additional access controls or segregation of duties within Foreman.
- Regularly review and audit Foreman configurations and permissions.
Evidence notes
The CVE record was published on 2026-07-01T15:17:11.740Z and was last modified on 2026-07-09T02:39:11.320Z. The NVD entry is currently Analyzed. Vendor advisories are available through Red Hat's errata and security pages.
Official resources
-
CVE-2026-5135 CVE record
CVE.org
-
CVE-2026-5135 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Issue Tracking, Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-01T15:17:11.740Z and has not been modified since then. The NVD entry is currently Analyzed.