PT-2026-53837 · Red Hat · Red Hat Satellite 6

Published

2026-06-30

Updated

2026-06-30

CVE-2026-13316

CVSS v3.1

4.4

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

A flaw has been found in foreman when HTTP parameters are modified in http proxies controller and http proxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component.

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2026-13316

Affected Products

Red Hat Satellite 6

PT-2026-53837 · Red Hat · Red Hat Satellite 6

CVE-2026-13316

Weakness Enumeration

Related Identifiers

Affected Products

References · 3