CVE-2025-9572

CWE-863 — Incorrect Authorization CWE-200 — Information Exposure6 documents6 sources

Severity

6.5MEDIUM

EPSS

0.0%

top 98.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

THE Foreman Foreman Theforeman Foreman Redhat Enterprise Linux +2 more

Timeline

PublishedFeb 27

Description

n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 3.1 | Impact: 1.4

Affected Packages4 packages

▶NVDtheforeman/foreman1.22.0 — 3.16.2

▶CVEListV5the_foreman/foreman1.22.0 — 3.16.2

▶NVDredhat/satellite4 versions+3

▶NVDredhat/satellite_capsule4 versions+3

Also affects: Enterprise Linux 9.0

🔴Vulnerability Details

OSV

CVE-2025-9572: n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions↗2026-02-27

▶

CVEList

Foreman: satellite: graphql api permission bypass leads to information disclosure↗2026-02-27

▶

GHSA

GHSA-gvvp-xfg4-2fr6: n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions↗2026-02-27

▶

📋Vendor Advisories

Red Hat

foreman: Satellite: GraphQL API permission bypass leads to information disclosure↗2025-08-29

▶

🕵️Threat Intelligence

Wiz

CVE-2025-9572 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶