Foreman and Red Hat Satellite Temporary File Permission Vulnerability Allowing Information Disclosure

Vulnerability

A vulnerability exists in Foreman/Red Hat Satellite due to improper file permissions on temporary files created under /var/tmp during job execution. This flaw enables low-privileged OS users to access and read command outputs, potentially exposing sensitive information such as system credentials or configuration details. While this vulnerability does not directly escalate privileges, it increases the risk of information disclosure, which could be exploited in further attacks.
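A permission audit for the condition described above, as an added example that is not Foreman or Red Hat Satellite code: it lists regular files under a directory that group or other users can read, and contrasts a constructed weak writer with a hardened one. The function names and the `job-` prefix are assumptions; the page does not give the real temporary file names.

```python
import os
import stat
import tempfile

# Read bits for group and other: either one lets a different local user read the file.
EXPOSED = stat.S_IRGRP | stat.S_IROTH


def write_output_weak(directory, name, data):
    """Constructed 'before' case: predictable name, mode 0644."""
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write(data)
    # Set explicitly so the demonstration does not depend on the caller's umask.
    os.chmod(path, 0o644)
    return path


def write_output_private(directory, data):
    """Hardened form: mkstemp creates the file with O_EXCL and mode 0600."""
    fd, path = tempfile.mkstemp(dir=directory, prefix="job-")
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path


def find_exposed_files(root):
    """Return (path, mode string, owner uid) for regular files others can read."""
    exposed = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow symlinks
            except OSError:
                continue  # file removed between listing and stat
            if stat.S_ISREG(st.st_mode) and st.st_mode & EXPOSED:
                exposed.append((path, stat.filemode(st.st_mode), st.st_uid))
    return sorted(exposed)


if __name__ == "__main__":
    for path, mode, uid in find_exposed_files("/var/tmp"):
        print(f"{mode} uid={uid} {path}")
```

Run it as root against /var/tmp on a host that executes jobs so files owned by other users are visible. A hit is a candidate for review, not proof that the file holds job output.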

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, such as system credentials or configuration details, which could be used to escalate privileges or conduct further attacks.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 2.5
exploitability: 3.5
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.