CVE Catalog

CVE-2026-5142

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

19th percentile — higher than 19% of all known CVEs

Summary

A flaw was found in Foreman where authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them to download private SSH keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments.

Risk Assessment

The risk involves potential leakage of sensitive SSH keys in multi-tenant environments, which could allow an attacker to access systems and data of other organizations, compromising security and confidentiality.

Recommendation

It is recommended to immediately update Foreman to a patched version that fixes this vulnerability and review the 'view_keypairs' permission configuration to restrict access only to necessary users.

Original NVD description (English source)

A flaw was found in foreman. Authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them to download private SSH (Secure Shell) keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments, potentially compromising sensitive information.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS