CVE-2025-9572

n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.1 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2025:21886	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:21893	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:21894	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:21897	Third Party Advisory
https://access.redhat.com/security/cve/CVE-2025-9572	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2391715	Issue Tracking
https://theforeman.org/security.html#2025-9572	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:satellite:6.15:::::::*
	cpe:2.3:a:redhat:satellite:6.16:::::::*
	cpe:2.3:a:redhat:satellite:6.17:::::::*
	cpe:2.3:a:redhat:satellite:6.18:::::::*
	cpe:2.3:a:redhat:satellite_capsule:6.15:::::::*
	cpe:2.3:a:redhat:satellite_capsule:6.16:::::::*
	cpe:2.3:a:redhat:satellite_capsule:6.17:::::::*
	cpe:2.3:a:redhat:satellite_capsule:6.18:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

History

17 Mar 2026, 21:06

Type	Values Removed	Values Added
CWE		CWE-863
Summary		(es) Una falla de autorización en la API GraphQL de Foreman permite a usuarios con bajos privilegios acceder a metadatos más allá de sus permisos asignados. A diferencia de la API REST, que aplica correctamente los controles de acceso, el endpoint GraphQL no aplica un filtrado adecuado, lo que lleva a una omisión de autorización.
First Time		Redhat Redhat enterprise Linux Theforeman Redhat satellite Capsule Redhat satellite Theforeman foreman
CPE		cpe:2.3:a:redhat:satellite:6.18:::::::* cpe:2.3:a:redhat:satellite_capsule:6.17:::::::* cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:a:redhat:satellite_capsule:6.15:::::::* cpe:2.3:a:redhat:satellite:6.17:::::::* cpe:2.3:a:redhat:satellite_capsule:6.16:::::::* cpe:2.3:a:redhat:satellite:6.16:::::::* cpe:2.3:a:theforeman:foreman:::::::: cpe:2.3:a:redhat:satellite_capsule:6.18:::::::* cpe:2.3:a:redhat:satellite:6.15:::::::*
References	~~() https://access.redhat.com/errata/RHSA-2025:21886 -~~	() https://access.redhat.com/errata/RHSA-2025:21886 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2025:21893 -~~	() https://access.redhat.com/errata/RHSA-2025:21893 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2025:21894 -~~	() https://access.redhat.com/errata/RHSA-2025:21894 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2025:21897 -~~	() https://access.redhat.com/errata/RHSA-2025:21897 - Third Party Advisory
References	~~() https://access.redhat.com/security/cve/CVE-2025-9572 -~~	() https://access.redhat.com/security/cve/CVE-2025-9572 - Third Party Advisory
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2391715 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2391715 - Issue Tracking
References	~~() https://theforeman.org/security.html#2025-9572 -~~	() https://theforeman.org/security.html#2025-9572 - Vendor Advisory

27 Feb 2026, 08:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-27 08:17

Updated : 2026-03-17 21:06

NVD link : CVE-2025-9572

Mitre link : CVE-2025-9572

CVE.ORG link : CVE-2025-9572

JSON object : View

Products Affected

redhat

enterprise_linux
satellite
satellite_capsule

theforeman

foreman

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-863

Incorrect Authorization

5.0 /10