{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-9572","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","state":"PUBLISHED","assignerShortName":"redhat","dateReserved":"2025-08-28T08:47:45.693Z","datePublished":"2026-02-27T07:28:44.391Z","dateUpdated":"2026-03-24T11:28:32.518Z"},"containers":{"cna":{"title":"Foreman: satellite: graphql api permission bypass leads to information disclosure","metrics":[{"other":{"content":{"value":"Moderate","namespace":"https://access.redhat.com/security/updates/classification/"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","version":"3.1"},"format":"CVSS"}],"descriptions":[{"lang":"en","value":"An authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. 
Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass."}],"affected":[{"vendor":"The Foreman","product":"Foreman","versions":[{"status":"affected","version":"1.22.0","lessThan":"3.16.2","versionType":"semver"}],"packageName":"foreman","collectionURL":"https://github.com/theforeman/foreman","defaultStatus":"unaffected"},{"vendor":"Red Hat","product":"Red Hat Satellite 6.15 for RHEL 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","defaultStatus":"affected","versions":[{"version":"0:3.9.1.14-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite:6.15::el8","cpe:/a:redhat:satellite_utils:6.15::el8","cpe:/a:redhat:satellite_capsule:6.15::el8"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.15 for RHEL 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite","defaultStatus":"affected","versions":[{"version":"0:6.15.5.7-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite:6.15::el8","cpe:/a:redhat:satellite_utils:6.15::el8","cpe:/a:redhat:satellite_capsule:6.15::el8"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","defaultStatus":"affected","versions":[{"version":"0:3.12.0.12-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 
8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite","defaultStatus":"affected","versions":[{"version":"0:6.16.5.6-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","defaultStatus":"affected","versions":[{"version":"0:3.12.0.12-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite","defaultStatus":"affected","versions":[{"version":"0:6.16.5.6-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.17 for RHEL 
9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","defaultStatus":"affected","versions":[{"version":"0:3.14.0.11-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite_capsule:6.17::el9","cpe:/a:redhat:satellite:6.17::el9","cpe:/a:redhat:satellite_utils:6.17::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18 for RHEL 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","defaultStatus":"affected","versions":[{"version":"0:3.16.0.7-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite_capsule:6.18::el9","cpe:/a:redhat:satellite:6.18::el9","cpe:/a:redhat:satellite_utils:6.18::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18 for RHEL 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rubygem-katello","defaultStatus":"affected","versions":[{"version":"0:4.18.0.4-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite_capsule:6.18::el9","cpe:/a:redhat:satellite:6.18::el9","cpe:/a:redhat:satellite_utils:6.18::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18 for RHEL 
9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite","defaultStatus":"affected","versions":[{"version":"0:6.18.1-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:satellite_capsule:6.18::el9","cpe:/a:redhat:satellite:6.18::el9","cpe:/a:redhat:satellite_utils:6.18::el9"]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:21886","name":"RHSA-2025:21886","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:21893","name":"RHSA-2025:21893","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:21894","name":"RHSA-2025:21894","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:21897","name":"RHSA-2025:21897","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/security/cve/CVE-2025-9572","tags":["vdb-entry","x_refsource_REDHAT"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2391715","name":"RHBZ#2391715","tags":["issue-tracking","x_refsource_REDHAT"]},{"url":"https://theforeman.org/security.html#2025-9572"}],"datePublic":"2025-08-29T06:12:00.000Z","problemTypes":[{"descriptions":[{"cweId":"CWE-863","description":"Incorrect Authorization","lang":"en","type":"CWE"}]}],"x_redhatCweChain":"CWE-863: Incorrect Authorization","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"timeline":[{"lang":"en","time":"2025-08-29T00:00:00.000Z","value":"Reported to Red Hat."},{"lang":"en","time":"2025-08-29T06:12:00.000Z","value":"Made public."}],"credits":[{"lang":"en","value":"Red Hat would like to thank Ohad Levy (Redhat) for reporting this 
issue."}],"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2026-03-24T11:28:32.518Z"},"x_generator":{"engine":"cvelib 1.8.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-02-27T18:42:27.523966Z","id":"CVE-2025-9572","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-27T18:42:37.881Z"}}]}}