Cross-Tenant Information Disclosure Vulnerability in Foreman by Red Hat
CVE-2026-5138
4.3 MEDIUM
What is CVE-2026-5138?
A vulnerability exists in Foreman that allows an authenticated user with host-edit permissions to read infrastructure metadata belonging to organizations and locations they are not a member of. The taxonomy_scope controller method does not sufficiently validate the organization and location IDs supplied in the request, so a user can pass the ID of another tenant's organization or location and bypass the authorization check that would normally restrict them to their own taxonomies. The exposed data includes subnet topology, IP ranges, gateways, DNS servers and VLAN IDs of the unauthorized organizations and locations.
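The scoping bug described above, shown as a simplified Ruby model (an added example, not Foreman's own code). The vulnerable scope takes the organization and location IDs straight from the request; the hardened one first checks that the caller actually belongs to the requested taxonomy and falls back to the caller's own taxonomies when none is given. The User and Subnet structures, the SUBNETS sample data and the function names are constructed for illustration only.

```ruby
# Illustrative model of a taxonomy-scoping flaw (hypothetical, not Foreman's code).
# A "taxonomy" is an organization or location; each subnet belongs to some of them.

User   = Struct.new(:name, :organization_ids, :location_ids)
Subnet = Struct.new(:name, :network, :gateway, :dns, :vlan, :organization_ids, :location_ids)

# Constructed sample data: two tenants (org/loc 1 and org/loc 2) plus one shared subnet.
SUBNETS = [
  Subnet.new("corp-prod", "10.10.0.0/24", "10.10.0.1", "10.10.0.53", 10,  [1],    [1]),
  Subnet.new("acme-mgmt", "10.20.0.0/24", "10.20.0.1", "10.20.0.53", 200, [2],    [2]),
  Subnet.new("shared",    "10.30.0.0/24", "10.30.0.1", "10.30.0.53", 300, [1, 2], [1, 2]),
].freeze

class TaxonomyError < StandardError; end

# Vulnerable pattern: the client-supplied organization/location IDs become the
# scope without being checked against the caller's memberships. A user who is
# only in org 1 can send organization_id=2 and enumerate another tenant's subnets.
def taxonomy_scope_vulnerable(_user, params)
  org = params[:organization_id]
  loc = params[:location_id]
  SUBNETS.select do |s|
    (org.nil? || s.organization_ids.include?(org)) &&
      (loc.nil? || s.location_ids.include?(loc))
  end
end

# Hardened pattern: a requested taxonomy must be one the caller is a member of,
# and with no parameter the scope is the caller's own taxonomies, never "all".
def taxonomy_scope_hardened(user, params)
  org = params[:organization_id]
  loc = params[:location_id]
  raise TaxonomyError, "organization #{org} not permitted" if org && !user.organization_ids.include?(org)
  raise TaxonomyError, "location #{loc} not permitted" if loc && !user.location_ids.include?(loc)
  orgs = org ? [org] : user.organization_ids
  locs = loc ? [loc] : user.location_ids
  SUBNETS.select do |s|
    (s.organization_ids & orgs).any? && (s.location_ids & locs).any?
  end
end

if __FILE__ == $PROGRAM_NAME
  alice = User.new("alice", [1], [1]) # member of org 1 / location 1 only
  puts "vulnerable: #{taxonomy_scope_vulnerable(alice, organization_id: 2).map(&:name).inspect}"
  begin
    taxonomy_scope_hardened(alice, organization_id: 2)
  rescue TaxonomyError => e
    puts "hardened: denied (#{e.message})"
  end
end
```

The check that matters is the membership test before the ID is used as a filter: restricting the UI's dropdown does nothing, because the IDs arrive in the request and can be set freely by any authenticated caller.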
CVSS v3.1
Score: 4.3 (MEDIUM)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None (the 4.3 base score corresponds to no availability impact; with A:L the same vector would score 5.4)
Credit
Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.