A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. Successful exploitation of this vulnerability leads to full privilege escalation, granting the attacker administrator-level access.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 01 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 01 Jul 2026 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. Successful exploitation of this vulnerability leads to full privilege escalation, granting the attacker administrator-level access. | |
| Title | Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation | |
| First Time appeared |
Redhat
Redhat satellite |
|
| Weaknesses | CWE-266 | |
| CPEs | cpe:/a:redhat:satellite:6 | |
| Vendors & Products |
Redhat
Redhat satellite |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-01T15:01:39.549Z
Reserved: 2026-03-30T10:47:46.043Z
Link: CVE-2026-5136
Updated: 2026-07-01T15:01:36.329Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-01T15:00:06Z
Weaknesses