Byte Open Security (ByteOS Network)
CVE Vulnerability Details: CVE-2026-12112
State: PUBLISHED
Assigner: redhat
Assigner Org ID: 53f830b8-0a3f-465b-8143-3b8a9948e749
Published At: 23 Jun, 2026 | 19:40
Updated At: 24 Jun, 2026 | 01:41
Rejected At: -
CVE Numbering Authority (CNA)
Foreman-mcp-server: MCP server: active session hijacking via insecure session state reuse

A flaw was found in foreman-mcp-server. The MCP server keeps a cache of authenticated client connections keyed on a session ID, and that cache is handled improperly in three ways: the session ID is treated as a non-secret identifier, a request presenting a known session ID is served from the cache without re-validating the client's authentication token, and every newly created session ID is written in full to the standard logs. An attacker who learns a session ID, for example by reading those logs, can therefore attach to an active administrative session without holding any valid credentials. This issue can result in privilege escalation and infrastructure-wide code execution.
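The three defects the description lists, modelled side by side with a hardened variant. This is an added Python illustration, not code from foreman-mcp-server; the class names, the token store, the log format and the attacker routine are assumptions made for the example. It shows why each defect matters: with a predictable ID, no token re-check and the full ID in the log, a log reader with no MCP credentials becomes the cached admin; with a random ID bound to the creating token, re-validated on every resume and logged only as a truncated digest, the same attacker gets nothing.

```python
# Added illustration of the flaw described above; not code from foreman-mcp-server.
# All names are hypothetical. It models the three defects the advisory lists:
# a session cache keyed on a non-secret ID, no token re-validation on resume,
# and the full session ID written to the ordinary log.
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional

LOG_LINES: List[str] = []  # stand-in for the server's standard log

def server_log(msg: str) -> None:
    LOG_LINES.append(msg)

# Constructed credential store (token -> principal); hypothetical values.
VALID_TOKENS: Dict[str, str] = {"tok-admin-0001": "admin"}

@dataclass
class Session:
    principal: str
    token_digest: bytes = b""

def _digest(value: str) -> bytes:
    return hashlib.sha256(value.encode()).digest()

class VulnerableSessionCache:
    """resume() trusts the session ID alone; create() logs the full ID."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}
        self._counter = 0

    def create(self, token: str) -> str:
        principal = VALID_TOKENS.get(token)
        if principal is None:
            raise PermissionError("bad token")
        self._counter += 1
        session_id = f"sess-{self._counter}"  # predictable, treated as non-secret
        self._sessions[session_id] = Session(principal)
        server_log(f"created session {session_id} for {principal}")  # leaks the ID
        return session_id

    def resume(self, session_id: str, token: Optional[str] = None) -> str:
        # Defect: the token is never consulted; whoever presents the ID
        # becomes the cached principal.
        return self._sessions[session_id].principal

class HardenedSessionCache:
    """Unguessable ID bound to the creating token, re-checked on every
    resume; only a truncated digest of the ID reaches the log."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def create(self, token: str) -> str:
        principal = VALID_TOKENS.get(token)
        if principal is None:
            raise PermissionError("bad token")
        session_id = secrets.token_urlsafe(32)
        self._sessions[session_id] = Session(principal, _digest(token))
        server_log(f"created session {_digest(session_id).hex()[:8]}.. for {principal}")
        return session_id

    def resume(self, session_id: str, token: Optional[str]) -> str:
        sess = self._sessions.get(session_id)
        if sess is None or token is None:
            raise PermissionError("unknown session or missing token")
        # Re-validate: the token must still be valid and must be the one
        # that opened this session.
        if VALID_TOKENS.get(token) != sess.principal or not hmac.compare_digest(
            _digest(token), sess.token_digest
        ):
            raise PermissionError("token does not match session")
        return sess.principal

def hijack_from_logs(cache) -> Optional[str]:
    """Attacker who can read the log but holds no MCP credentials: lift a
    session ID from the log and try to resume it without a token."""
    for line in LOG_LINES:
        if "created session " in line:
            sid = line.split("created session ", 1)[1].split()[0]
            try:
                return cache.resume(sid, None)
            except (KeyError, PermissionError):
                continue
    return None

def demo(cache_cls) -> Optional[str]:
    """Admin opens a session, then the log-reading attacker tries to take it
    over. Returns the principal the attacker obtained, or None."""
    LOG_LINES.clear()
    cache = cache_cls()
    cache.create("tok-admin-0001")
    return hijack_from_logs(cache)

if __name__ == "__main__":
    print("vulnerable cache:", demo(VulnerableSessionCache))  # admin
    print("hardened cache:  ", demo(HardenedSessionCache))    # None
```

Binding the session to a digest of the token rather than storing the token itself means the cache never holds a reusable credential, and re-checking the token against the live credential store on every resume means a revoked token also kills its cached session, which a pure "is the ID known" lookup can never do.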

Affected Products
Vendor: Red Hat, Inc. (Red Hat)
Product: Red Hat Satellite 6.19
Collection URL: https://catalog.redhat.com/software/containers/
Package Name: satellite/foreman-mcp-server-rhel9
CPEs:
  • cpe:/a:redhat:satellite:6.19::el9
Default Status: affected
Versions (Unaffected):
  • From 1782228692 before * (rpm)
Problem Types
Type | CWE ID | Description
CWE | CWE-287 | Improper Authentication
Metrics
Version | Base score | Base severity | Vector
3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The vector scores a local, low-privilege attacker (AV:L, PR:L): someone who already has a foothold on the host, which is consistent with the description's attack path of reading session IDs out of the standard logs, but who holds no credentials for the MCP server itself. "Unauthenticated" in the description should be read in that sense.
Metrics Other Info
Red Hat severity rating: Important (namespace: https://access.redhat.com/security/updates/classification/)
Impacts
CAPEC ID | Description
(none listed)
Solutions

Configurations

Workarounds

Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.

Exploits

Credits

This issue was discovered by Laura Pardo (Red Hat) and Toni Gornals (Red Hat).
Timeline
Event | Date
Reported to Red Hat. | 2026-05-06 00:00:00
Made public. | 2026-06-23 14:31:23
Replaced By

Rejected Reason

References
Hyperlink | Resource
https://access.redhat.com/errata/RHSA-2026:28438 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2026-12112 | vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2488031 | issue-tracking, x_refsource_REDHAT