PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-5135 Red Hat CVE debrief

A flaw was found in Foreman, a broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing authorisation checks. The consequence is the potential for unauthorised modification of managed host configurations across different organisational and location boundaries.

Vendor
Red Hat
Product
Red Hat Satellite 6.16 for RHEL 8
CVSS
MEDIUM 6.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-01
Original CVE updated
2026-07-09
Advisory published
2026-07-01
Advisory updated
2026-07-09

Who should care

Organisations using Foreman for host management, particularly those with multiple hosts and complex configuration setups, should be aware of this vulnerability. Users with host-edit permissions are at risk of being exploited, potentially leading to unauthorised configuration changes.

Technical summary

The vulnerability exists in Foreman's handling of lookup value overrides. An authenticated user with host-edit permissions can modify the match field of an existing override, redirecting it to a different host. This action bypasses authorisation checks, allowing for potential configuration changes across organisational and location boundaries. The vulnerability is characterised by its ability to be exploited through nested host attributes.

Defensive priority

Medium priority due to the requirement for host-edit permissions and the potential for significant impact if exploited.

Recommended defensive actions

  • Review and restrict host-edit permissions to only those who require them.
  • Monitor Foreman logs for unusual activity related to lookup value overrides.
  • Apply vendor patches or updates as soon as they are available.
  • Consider implementing additional access controls or segregation of duties within Foreman.
  • Regularly review and audit Foreman configurations and permissions.

Evidence notes

The CVE record was published on 2026-07-01T15:17:11.740Z and was last modified on 2026-07-09T02:39:11.320Z. The NVD entry is currently Analyzed. Vendor advisories are available through Red Hat's errata and security pages.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-01T15:17:11.740Z and has not been modified since then. The NVD entry is currently Analyzed.