Cross-Tenant Information Disclosure Vulnerability in Foreman by Red Hat
CVE-2026-5138

CVSS v3.1 base score: 4.3 (MEDIUM)

Key Information:

Vendor: Red Hat
CVE Published: 1 July 2026

What is CVE-2026-5138?

A vulnerability exists in Foreman that allows an authenticated user holding host-edit permissions to read infrastructure metadata belonging to organizations and locations the user is not assigned to. The root cause is insufficient validation of the organization and location IDs passed to the taxonomy_scope controller method: the IDs supplied in the request are used to scope the query without first confirming that they fall within the caller's own taxonomies, so the permission check succeeds but the tenant boundary it is meant to enforce is bypassed. The exposed data includes subnet topology, IP ranges, gateways, DNS servers and VLAN IDs from other organizations and locations. The flaw is read-only: an attacker can enumerate another tenant's network configuration but cannot modify it.
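The following is an added example, not code from Foreman or from the advisory, that models the bug class described above in plain Ruby so the difference between the two authorization shapes can be run and compared. All names (Subnet, User, taxonomy_scope_vulnerable, taxonomy_scope_hardened, the sample subnets and the user "alice") are hypothetical constructions for illustration; they mirror the concepts in the description (organizations, locations, subnets carrying topology metadata, a host-edit permission) and are not Foreman's real models or the real taxonomy_scope implementation.

```ruby
# Added example (hypothetical names, not Foreman's code). Models the pattern in
# the advisory: a permission check that passes, followed by scoping on
# caller-supplied organization/location IDs that are never checked against the
# caller's own taxonomy assignments.

Subnet = Struct.new(:name, :organization_id, :location_id,
                    :network, :gateway, :dns, :vlanid)

# Constructed sample data: two tenants, one subnet each.
SUBNETS = [
  Subnet.new("corp-lan",    1, 10, "10.10.0.0/24", "10.10.0.1", "10.10.0.53", 100),
  Subnet.new("partner-lan", 2, 20, "10.20.0.0/24", "10.20.0.1", "10.20.0.53", 200),
].freeze

# A user with the host-edit permission, assigned only to org 1 / location 10.
User = Struct.new(:login, :organization_ids, :location_ids, :permissions)
EDITOR = User.new("alice", [1], [10], [:edit_hosts]).freeze

class NotAuthorized < StandardError; end

def require_edit_hosts!(user)
  raise NotAuthorized, "missing edit_hosts" unless user.permissions.include?(:edit_hosts)
end

# Vulnerable shape: the permission check succeeds, then the request's
# organization_id / location_id are trusted as the scope of the query.
# Nothing ties those IDs back to the taxonomies the user is assigned to,
# so a foreign org/location pair returns another tenant's subnets.
def taxonomy_scope_vulnerable(user, params)
  require_edit_hosts!(user)
  org = Integer(params[:organization_id])
  loc = Integer(params[:location_id])
  SUBNETS.select { |s| s.organization_id == org && s.location_id == loc }
end

# Hardened shape: the requested IDs must belong to the user's own taxonomies
# before they are used for scoping. A foreign ID is rejected outright rather
# than silently widening the query; non-numeric input is rejected the same way.
def taxonomy_scope_hardened(user, params)
  require_edit_hosts!(user)
  org = Integer(params[:organization_id], exception: false)
  loc = Integer(params[:location_id], exception: false)
  raise NotAuthorized, "invalid taxonomy id" if org.nil? || loc.nil?
  raise NotAuthorized, "organization #{org} not in user's scope" unless user.organization_ids.include?(org)
  raise NotAuthorized, "location #{loc} not in user's scope" unless user.location_ids.include?(loc)
  SUBNETS.select { |s| s.organization_id == org && s.location_id == loc }
end

# Runs the same cross-tenant request (string params, as they arrive from HTTP)
# through both variants and returns what each one discloses.
def demo
  foreign = { organization_id: "2", location_id: "20" }
  leaked = taxonomy_scope_vulnerable(EDITOR, foreign).map(&:name)
  blocked = begin
    taxonomy_scope_hardened(EDITOR, foreign).map(&:name)
  rescue NotAuthorized => e
    e.message
  end
  { vulnerable: leaked, hardened: blocked }
end

if __FILE__ == $PROGRAM_NAME
  p demo
end
```

The check to add in a review of code like this is the one in the hardened variant: every taxonomy ID taken from a request must be intersected with the caller's assigned organizations and locations before it is used as a query scope, because a permission check alone answers "may this user edit hosts" and not "may this user see this tenant".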

CVSS v3.1

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Score: 4.3 (MEDIUM)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None

Credit

Red Hat would like to thank Stanislav Fot (Aisle Research) for reporting this issue.