CVE-2026-1530

A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2026:5970
https://access.redhat.com/errata/RHSA-2026:5971
https://access.redhat.com/security/cve/CVE-2026-1530
https://bugzilla.redhat.com/show_bug.cgi?id=2433784

Configurations

No configuration.

History

26 Mar 2026, 21:17

Type	Values Removed	Values Added
Summary		(es) Se encontró una falla en fog-kubevirt. Esta vulnerabilidad permite a un atacante remoto realizar un ataque Man-in-the-Middle (MitM) debido a la validación de certificados deshabilitada. Esto permite al atacante interceptar y potencialmente alterar comunicaciones sensibles entre Satellite y OpenShift, lo que resulta en revelación de información y compromiso de la integridad de los datos.
References		() https://access.redhat.com/errata/RHSA-2026:5970 - () https://access.redhat.com/errata/RHSA-2026:5971 -

02 Feb 2026, 06:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-02 06:16

Updated : 2026-04-15 00:35

NVD link : CVE-2026-1530

Mitre link : CVE-2026-1530

CVE.ORG link : CVE-2026-1530

JSON object : View

Products Affected

No product.

CWE

CWE-295

Improper Certificate Validation

8.1 /10