Impact
A flaw in Foreman, identified5135, involves broken access control: an authenticated user who holds host-edit permission can retarget an existing lookup value override to a different host by changing the override's match field through nested host attributes. The retargeting bypasses the authorization checks that should govern the new target host, so the attacker can alter managed host configurations beyond their granted scope, including hosts in other organizations and locations. The weakness is classified as CWE-639 (Authorization Bypass Through User-Controlled Key).
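The pattern described above, as an added illustration that is not Foreman's own code: a lookup value override selects its host through a `match` string, and an update path that only authorizes the host the override currently belongs to lets a user move it onto a host they may not edit. The hosts, organizations, users and the per-host allow-list standing in for the host-edit permission are all constructed for the example; the `update_override_*` functions are hypothetical and model the vulnerable and hardened behaviour side by side.

```ruby
# Added illustration, not Foreman's code. Models an override whose `match`
# field ("fqdn=<host>") picks the host it applies to, and two update paths:
# one that authorizes only the override's current host (vulnerable) and one
# that also authorizes the host named by the incoming `match` (hardened).
# Every host, organization, user and permission below is constructed.

Host = Struct.new(:name, :org)
LookupValue = Struct.new(:id, :match, :value)

class AuthorizationError < StandardError; end

class User
  attr_reader :name, :editable_hosts

  def initialize(name, editable_hosts)
    @name = name
    @editable_hosts = editable_hosts
  end

  # Stand-in for an edit_hosts permission already filtered by
  # organization/location: a plain allow-list of host names.
  def can_edit?(host)
    editable_hosts.include?(host.name)
  end
end

class HostIndex
  def initialize(hosts)
    @hosts = hosts.to_h { |h| [h.name, h] }
  end

  # Resolve a matcher to a host. Only the fqdn matcher is modelled here.
  def by_match(match)
    kind, value = match.split("=", 2)
    raise ArgumentError, "unsupported matcher #{kind.inspect}" unless kind == "fqdn"
    @hosts.fetch(value) { raise ArgumentError, "unknown host #{value}" }
  end
end

# Vulnerable: authorization is checked against the host the override
# currently targets, then the nested attributes (including a new `match`)
# are applied without looking at the host they now point to.
def update_override_vulnerable(user, hosts, lookup_value, attrs)
  current = hosts.by_match(lookup_value.match)
  raise AuthorizationError, "#{user.name} cannot edit #{current.name}" unless user.can_edit?(current)

  lookup_value.match = attrs[:match] if attrs.key?(:match)
  lookup_value.value = attrs[:value] if attrs.key?(:value)
  lookup_value
end

# Hardened: additionally resolve the incoming `match` and authorize the
# user for that host before accepting the change, so an override cannot
# be retargeted across an organization or location boundary.
def update_override_hardened(user, hosts, lookup_value, attrs)
  current = hosts.by_match(lookup_value.match)
  raise AuthorizationError, "#{user.name} cannot edit #{current.name}" unless user.can_edit?(current)

  if attrs.key?(:match)
    target = hosts.by_match(attrs[:match])
    unless user.can_edit?(target)
      raise AuthorizationError, "#{user.name} cannot retarget to #{target.name} (org #{target.org})"
    end
  end

  lookup_value.match = attrs[:match] if attrs.key?(:match)
  lookup_value.value = attrs[:value] if attrs.key?(:value)
  lookup_value
end

# Constructed scenario: two hosts in different organizations; the user may
# edit only the one in org-a but submits a `match` pointing at org-b's host.
def demo
  hosts = HostIndex.new([Host.new("web1.example.com", "org-a"),
                         Host.new("db1.example.com", "org-b")])
  user = User.new("alice", ["web1.example.com"])
  attrs = { match: "fqdn=db1.example.com", value: "ntp_server=rogue.example.com" }

  vuln = update_override_vulnerable(user, hosts,
                                    LookupValue.new(1, "fqdn=web1.example.com", "ntp_server=ntp.org-a"), attrs)
  hardened = begin
    update_override_hardened(user, hosts,
                             LookupValue.new(1, "fqdn=web1.example.com", "ntp_server=ntp.org-a"), attrs)
    :updated
  rescue AuthorizationError => e
    e.message
  end

  { vulnerable_match: vuln.match, hardened_result: hardened }
end

p demo if __FILE__ == $0
```

The vulnerable path accepts the new `match` and the override now applies to the org-b host; the hardened path rejects it because the check is repeated against the resolved target rather than only the current one. In a real Foreman or Satellite deployment the fix is the vendor's update, not this illustration; the example only shows where the missing check sits.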
Affected Systems
The vulnerability affects Red Hat Satellite 6, where Foreman is the component that manages host configurations, so all Satellite 6 installations should be treated as potentially affected. No specific fixed version or patch level is listed, so administrators should check for available updates through the Red Hat Customer Portal or equivalent channels and apply them.
Risk and Exploitability
The CVSS score of 6.5 places the flaw at medium severity; the EPSS score is not available, and the vulnerability is not listed in the current CISA KEV catalog. Exploitation requires an authenticated session holding host-edit privilege, so the threat comes from an insider or from an account obtained through credential compromise or social engineering. Because the attacker can alter host configurations across organization and location boundaries, the potential damage includes unauthorized configuration changes to hosts outside the attacker's scope, service disruption, and violation of separation policies, which makes this a notable risk for organizations that rely on strict separation between environments. Until an update is applied, reviewing which roles and accounts carry host-edit permission narrows the set of users able to exploit it.