
Fixes #39480 - CVE-2026-5135: Unauthorized modification of host configurations #11071

Merged: ogajduse merged 1 commit into theforeman:3.19-stable from ogajduse:cve-2026-5135/3.19-stable on Jul 1, 2026

Conversation

@ogajduse ogajduse (Member) commented Jul 1, 2026

CVE-2026-5135

Unauthorized modification of host configurations via broken access control.

When lookup values are submitted as nested attributes during host or hostgroup updates, the match field is permitted and applied without ownership validation. A user with host-edit rights can retarget an existing lookup value override to point at a different host, injecting configuration values into hosts they are not authorized to edit.
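
An added illustrative model of the access-control gap the description names, written for this page and not taken from Foreman or from the fix in this PR. It shows a nested `lookup_values_attributes` update in which an existing override is referenced by id and its `match` is accepted blindly, and beside it a hardened updater that only touches overrides already scoped to the edited host, refuses a `match` change, and derives the matcher for new overrides server-side. The in-memory `Host`, `LookupValue` and `Store` classes, the per-user list of editable host ids, and the `fqdn=<name>` matcher format are all assumptions made for the example.

```ruby
# Illustrative model only (assumption): not Foreman's data model or its fix.
Host = Struct.new(:id, :fqdn)
User = Struct.new(:name, :editable_host_ids)

# An override (lookup value) is targeted by a matcher string; this model uses
# "fqdn=<name>" to point at a single host (format is an assumption).
class LookupValue
  attr_accessor :id, :match, :value
  def initialize(id:, match:, value:)
    @id, @match, @value = id, match, value
  end
end

class Store
  attr_reader :hosts, :lookup_values
  def initialize(hosts, lookup_values)
    @hosts = hosts.each_with_object({}) { |h, m| m[h.fqdn] = h }
    @lookup_values = lookup_values.each_with_object({}) { |lv, m| m[lv.id] = lv }
  end

  # Resolve a matcher back to the host it targets (nil if not a host matcher).
  def host_for_match(match)
    key, name = match.split("=", 2)
    key == "fqdn" ? @hosts[name] : nil
  end

  def next_id
    (@lookup_values.keys.max || 0) + 1
  end
end

class NotAuthorized < StandardError; end

# Vulnerable shape: authorization covers only the host named in the request;
# nested overrides are fetched by id globally and `match` is applied as sent.
def update_host_vulnerable(store, user, host_fqdn, params)
  host = store.hosts.fetch(host_fqdn)
  raise NotAuthorized unless user.editable_host_ids.include?(host.id)
  params.fetch(:lookup_values_attributes, []).each do |attrs|
    if attrs[:id].nil?
      id = store.next_id
      store.lookup_values[id] = LookupValue.new(id: id, match: attrs[:match], value: attrs[:value])
      next
    end
    lv = store.lookup_values.fetch(attrs[:id])
    lv.match = attrs[:match] if attrs.key?(:match) # retargeting accepted without ownership check
    lv.value = attrs[:value] if attrs.key?(:value)
  end
  host
end

# Hardened shape: an override reached through a host update must already be
# scoped to that host, its matcher cannot be moved, and new overrides get the
# matcher from the edited host rather than from the client.
def update_host_hardened(store, user, host_fqdn, params)
  host = store.hosts.fetch(host_fqdn)
  raise NotAuthorized unless user.editable_host_ids.include?(host.id)
  own_match = "fqdn=#{host.fqdn}"
  params.fetch(:lookup_values_attributes, []).each do |attrs|
    if attrs[:id].nil?
      id = store.next_id
      store.lookup_values[id] = LookupValue.new(id: id, match: own_match, value: attrs[:value])
      next
    end
    lv = store.lookup_values.fetch(attrs[:id])
    raise NotAuthorized, "override #{lv.id} is not scoped to #{host.fqdn}" unless lv.match == own_match
    if attrs.key?(:match) && attrs[:match] != own_match
      raise NotAuthorized, "match may not be changed through nested attributes"
    end
    lv.value = attrs[:value] if attrs.key?(:value)
  end
  host
end

# Constructed sample data: a victim host the attacker cannot edit, the
# attacker's own host, and one override currently scoped to the attacker's host.
def build_store
  victim = Host.new(1, "victim.example.com")
  mine = Host.new(2, "mine.example.com")
  Store.new([victim, mine],
            [LookupValue.new(id: 10, match: "fqdn=mine.example.com", value: "harmless")])
end

# Replays the retargeting described in the advisory against the given updater
# and returns the fqdn the override points at afterwards.
def attack(updater)
  store = build_store
  user = User.new("lowpriv", [2]) # may edit only mine.example.com
  params = { lookup_values_attributes: [
    { id: 10, match: "fqdn=victim.example.com", value: "ntp_server: evil.example.com" }
  ] }
  begin
    updater.call(store, user, "mine.example.com", params)
  rescue NotAuthorized
    # hardened path refuses the update; the override is left untouched
  end
  store.host_for_match(store.lookup_values[10].match)&.fqdn
end
```

The key design point is that `match` is not a per-request user input at all when an override is edited through a host: the host in the URL already fixes the only legitimate target, so the server should derive it and reject anything else, and the same scoping check should run on the override's current matcher before any other attribute is touched.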

@pr-processor pr-processor bot added labels "Not yet reviewed" and "Stable branch" (PRs that are opened against a stable branch. Usually a cherry pick) Jul 1, 2026
@ogajduse ogajduse force-pushed the cve-2026-5135/3.19-stable branch from 1d3ea02 to 9570a0d July 1, 2026 16:09
@ogajduse ogajduse merged commit 6e298a6 into theforeman:3.19-stable Jul 1, 2026
22 of 23 checks passed
@ogajduse ogajduse deleted the cve-2026-5135/3.19-stable branch July 1, 2026 16:45