Description
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.
Published: 2026-02-02
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Man-in-the-Middle via insecure default SSL verification
Action: Mitigate
AI Analysis

Impact

A flaw in foreman_kubevirt causes the system to disable SSL verification when a Certificate Authority certificate is not explicitly configured during OpenShift connection setup. This insecure default permits an attacker who can observe traffic between a Red Hat Satellite server and an OpenShift cluster to intercept or modify the communication, resulting in disclosure or alteration of sensitive data. The vulnerability is a classic example of misconfigured cryptographic verification, classified as CWE‑295.

Affected Systems

The issue affects Red Hat Satellite 6 and its associated components, including Satellite 6.16, 6.17, and 6.18 for both RHEL 8 and RHEL 9 platforms, as well as related capsule, maintenance and utility modules for the same versions.

Risk and Exploitability

With a CVSS score of 8.1, this vulnerability is considered high severity. The EPSS score is below 1 %, indicating a low probability of exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. The attack vector requires a remote attacker who can intercept network traffic between the Satellite server and the OpenShift cluster; no credential compromise is needed, but the attacker must be able to position themselves on the network path to perform a man‑in‑the‑middle attack.

Generated by OpenCVE AI on April 16, 2026 at 17:35 UTC.

Remediation

Vendor Workaround

To mitigate this issue, ensure that a Certificate Authority (CA) certificate is explicitly configured when setting up the connection to OpenShift in foreman_kubevirt. This will enable SSL verification and prevent Man-in-the-Middle attacks. Refer to the foreman_kubevirt documentation for specific instructions on configuring CA certificates. A restart or service reload may be required for the changes to take effect.

OpenCVE Recommended Actions

  • Update Red Hat Satellite to the latest available release that includes the foreman_kubevirt fix, as listed in the RHSA errata (e.g., RHSA‑2026:5968, RHSA‑2026:5970, RHSA‑2026:5971).
  • Configure an explicit CA certificate for the foreman_kubevirt OpenShift connection; consult the foreman_kubevirt documentation for instructions on adding CA certificates.
  • Restart or reload the foreman_kubevirt service after adding the CA certificate to ensure SSL verification is enabled.

Generated by OpenCVE AI on April 16, 2026 at 17:35 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-2qxw-7fmx-gqfm foreman_kubevirt disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set
History

Fri, 27 Mar 2026 04:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:satellite:6.18::el9
cpe:/a:redhat:satellite_capsule:6.18::el9
cpe:/a:redhat:satellite_utils:6.18::el9
References

Thu, 26 Mar 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat satellite Capsule
Redhat satellite Maintenance
Redhat satellite Utils
CPEs cpe:/a:redhat:satellite:6.16::el8
cpe:/a:redhat:satellite:6.16::el9
cpe:/a:redhat:satellite:6.17::el9
cpe:/a:redhat:satellite_capsule:6.16::el8
cpe:/a:redhat:satellite_capsule:6.16::el9
cpe:/a:redhat:satellite_capsule:6.17::el9
cpe:/a:redhat:satellite_maintenance:6.16::el9
cpe:/a:redhat:satellite_maintenance:6.17::el9
cpe:/a:redhat:satellite_utils:6.16::el8
cpe:/a:redhat:satellite_utils:6.16::el9
cpe:/a:redhat:satellite_utils:6.17::el9
Vendors & Products Redhat satellite Capsule
Redhat satellite Maintenance
Redhat satellite Utils
References

Mon, 02 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 02 Feb 2026 06:00:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE. A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.
Title foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification
First Time appeared Redhat
Redhat satellite
CPEs cpe:/a:redhat:satellite:6
Vendors & Products Redhat
Redhat satellite
References

Thu, 29 Jan 2026 00:15:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE.
Title foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification
Weaknesses CWE-295
References
Metrics threat_severity

None

 cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

threat_severity

Important

Subscriptions

Redhat Satellite Satellite Capsule Satellite Maintenance Satellite Utils
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-03-26T23:00:06.609Z

Reserved: 2026-01-28T12:52:40.355Z

Link: CVE-2026-1531

cve-icon Vulnrichment

Updated: 2026-02-02T16:26:16.252Z

cve-icon NVD

Status : Deferred

Published: 2026-02-02T06:16:20.790

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-1531

cve-icon Redhat

Severity : Important

Publid Date: 2026-01-28T12:34:00Z

Links: CVE-2026-1531 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T17:45:27Z

Weaknesses