CVE-2026-5135 MEDIUM

CVE-2026-5135: Foreman: foreman: unauthorized modification of host configurations via broken access control

Vendor Red Hat
Product Red Hat Satellite 6
Weakness CWE-639 · IDOR
Published July 1, 2026
Last update July 1, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity High
Availability None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

What the vulnerability does

Description

A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing authorisation checks. The consequence is the potential for unauthorised modification of managed host configurations across different organisational and location boundaries.

Key dates

Disclosure timeline

July 1, 2026 CVE published
July 1, 2026 Record updated