Common Weakness Enumeration

CWE-295

Allowed

Improper Certificate Validation

Abstraction: Base · Status: Draft

The product does not validate, or incorrectly validates, a certificate.

1903 vulnerabilities reference this CWE, most recent first.

CVE-2026-3100 (GCVE-0-2026-3100)

Vulnerability from cvelistv5 – Published: 2026-02-25 05:52 – Updated: 2026-02-27 14:26
VLAI
Title
An improper certificate validation vulnerability was found in the FTP Backup on the ADM.
Summary
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may intercept, modify, or obtain sensitive information such as authentication credentials and backup data. Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
ASUSTOR ADM Affected: 4.1.0 , ≤ 4.3.3.ROF1 (custom)
Affected: 5.0.0 , ≤ 5.1.2.RE51 (custom)
Create a notification for this product.
Date Public
2026-02-25 05:45
Credits
Nuke
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-3100",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-25T17:46:30.911041Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-27T14:26:39.407Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "FTP Backup",
          "platforms": [
            "Linux",
            "x86",
            "ARM",
            "64 bit"
          ],
          "product": "ADM",
          "vendor": "ASUSTOR",
          "versions": [
            {
              "lessThanOrEqual": "4.3.3.ROF1",
              "status": "affected",
              "version": "4.1.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.1.2.RE51",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Nuke"
        }
      ],
      "datePublic": "2026-02-25T05:45:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may intercept, modify, or obtain sensitive information such as authentication credentials and backup data.\nAffected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51."
            }
          ],
          "value": "The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may intercept, modify, or obtain sensitive information such as authentication credentials and backup data.\nAffected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-157",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-157 Sniffing Attacks"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-25T06:13:16.227Z",
        "orgId": "f35eaae9-79f2-4d0d-a5c7-7bea6ed6be77",
        "shortName": "ASUSTOR1"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.asustor.com/security/security_advisory_detail?id=53"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "An improper certificate validation vulnerability was found in the FTP Backup on the ADM.",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f35eaae9-79f2-4d0d-a5c7-7bea6ed6be77",
    "assignerShortName": "ASUSTOR1",
    "cveId": "CVE-2026-3100",
    "datePublished": "2026-02-25T05:52:20.196Z",
    "dateReserved": "2026-02-24T08:35:18.143Z",
    "dateUpdated": "2026-02-27T14:26:39.407Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-2748 (GCVE-0-2026-2748)

Vulnerability from cvelistv5 – Published: 2026-03-04 08:48 – Updated: 2026-03-04 16:55
VLAI
Title
S/MIME Certificate Subject Whitespace
Summary
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
SEPPmail Secure Email Gateway Affected: 0 , < 15.0.1 (custom)
Create a notification for this product.
Credits
Andris Suter-Dörig Matteo Scarlata Kenny Paterson
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2748",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-04T16:51:21.240988Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-04T16:55:03.279Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Secure Email Gateway",
          "vendor": "SEPPmail",
          "versions": [
            {
              "lessThan": "15.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "15.0.1",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Andris Suter-D\u00f6rig"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "Matteo Scarlata"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "Kenny Paterson"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing."
            }
          ],
          "value": "SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-473",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-473 Signature Spoof"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-04T08:48:58.786Z",
        "orgId": "455daabc-a392-441d-aa46-37d35189897c",
        "shortName": "NCSC.ch"
      },
      "references": [
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-10-31T14:22:00.000Z",
          "value": "Vulnerability disclosed to SEPPmail"
        },
        {
          "lang": "en",
          "time": "2026-01-06T00:00:00.000Z",
          "value": "SEPPmail version 15.0.1 released"
        }
      ],
      "title": "S/MIME Certificate Subject Whitespace",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
    "assignerShortName": "NCSC.ch",
    "cveId": "CVE-2026-2748",
    "datePublished": "2026-03-04T08:48:58.786Z",
    "dateReserved": "2026-02-19T13:56:33.534Z",
    "dateUpdated": "2026-03-04T16:55:03.279Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-2368 (GCVE-0-2026-2368)

Vulnerability from cvelistv5 – Published: 2026-03-11 20:21 – Updated: 2026-03-12 16:19
VLAI
Summary
An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to execute arbitrary code.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
Lenovo FileZ Affected: 0 , < 10.12.3.0 (custom)
Create a notification for this product.
Lenovo FileZ Affected: 0 , < 11.1.0.35 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2368",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-12T15:37:56.286622Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T16:19:05.164Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "FileZ",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "10.12.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android"
          ],
          "product": "FileZ",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "11.1.0.35",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:lenovo:filez:*:*:windows:*:*:*:*:*",
                  "versionEndExcluding": "10.12.3.0",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:lenovo:filez:*:*:android:*:*:*:*:*",
                  "versionEndExcluding": "11.1.0.35",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to execute arbitrary code.\u0026nbsp;"
            }
          ],
          "value": "An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to execute arbitrary code."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295: Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T20:21:05.818Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "url": "https://www.filez.com/securityPolicy"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update\u0026nbsp;Lenovo\u0026nbsp;FileZ\u0026nbsp;Android\u0026nbsp;application to version\u0026nbsp;11.1.0.35\u0026nbsp;or\u0026nbsp;later.\u0026nbsp;"
            }
          ],
          "value": "Update\u00a0Lenovo\u00a0FileZ\u00a0Android\u00a0application to version\u00a011.1.0.35\u00a0or\u00a0later."
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eUpdate\u0026nbsp;Lenovo\u0026nbsp;FileZ Windows\u0026nbsp;application to version\u0026nbsp;10.12.3.0\u0026nbsp;or\u0026nbsp;later.\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "Update\u00a0Lenovo\u00a0FileZ Windows\u00a0application to version\u00a010.12.3.0\u00a0or\u00a0later."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 1.0.0-beta"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2026-2368",
    "datePublished": "2026-03-11T20:21:05.818Z",
    "dateReserved": "2026-02-11T20:29:58.887Z",
    "dateUpdated": "2026-03-12T16:19:05.164Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1778 (GCVE-0-2026-1778)

Vulnerability from cvelistv5 – Published: 2026-02-02 20:14 – Updated: 2026-02-04 16:28
VLAI
Title
TLS disabled by default in select aws/sagemaker-python-sdk configurations
Summary
Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to succeed.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
Impacted products
Vendor Product Version
AWS SageMaker Python SDK Unaffected: 3.1.1
Unaffected: 2.256.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1778",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-03T15:02:05.521121Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-04T16:28:33.193Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SageMaker Python SDK",
          "vendor": "AWS",
          "versions": [
            {
              "status": "unaffected",
              "version": "3.1.1"
            },
            {
              "status": "unaffected",
              "version": "2.256.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAmazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to succeed.\u003c/p\u003e"
            }
          ],
          "value": "Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to succeed."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-459",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-459 Creating a Rogue Certification Authority Certificate"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-03T15:17:26.396Z",
        "orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
        "shortName": "AMZN"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://aws.amazon.com/security/security-bulletins/2026-004-AWS/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://github.com/aws/sagemaker-python-sdk/security/advisories/GHSA-62rc-f4v9-h543"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/aws/sagemaker-python-sdk/releases/tag/v3.1.1"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/aws/sagemaker-python-sdk/releases/tag/v2.256.0"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "TLS disabled by default in select aws/sagemaker-python-sdk\u00a0configurations",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
    "assignerShortName": "AMZN",
    "cveId": "CVE-2026-1778",
    "datePublished": "2026-02-02T20:14:57.943Z",
    "dateReserved": "2026-02-02T18:14:03.282Z",
    "dateUpdated": "2026-02-04T16:28:33.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1531 (GCVE-0-2026-1531)

Vulnerability from cvelistv5 – Published: 2026-02-02 05:47 – Updated: 2026-07-15 01:21
VLAI
Title
Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification
Summary
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:0.2.0-2.el8sat , < * (rpm)
    cpe:/a:redhat:satellite_capsule:6.16::el8
    cpe:/a:redhat:satellite_capsule:6.16::el9
    cpe:/a:redhat:satellite_utils:6.16::el8
    cpe:/a:redhat:satellite:6.16::el8
    cpe:/a:redhat:satellite_utils:6.16::el9
    cpe:/a:redhat:satellite:6.16::el9
    cpe:/a:redhat:satellite_maintenance:6.16::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:0.2.0-2.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_capsule:6.16::el8
    cpe:/a:redhat:satellite_capsule:6.16::el9
    cpe:/a:redhat:satellite_utils:6.16::el8
    cpe:/a:redhat:satellite:6.16::el8
    cpe:/a:redhat:satellite_utils:6.16::el9
    cpe:/a:redhat:satellite:6.16::el9
    cpe:/a:redhat:satellite_maintenance:6.16::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_capsule:6.18::el9
    cpe:/a:redhat:satellite:6.18::el9
    cpe:/a:redhat:satellite_utils:6.18::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:0.2.0-2.el8sat , < * (rpm)
    cpe:/a:redhat:satellite:6.16::el8
Create a notification for this product.
Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:0.2.0-2.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.16::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.18 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.18::el9
Create a notification for this product.
Date Public
2026-01-28 12:34
Credits
This issue was discovered by Evgeni Golov (Red Hat).
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1531",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-02T16:26:15.329498Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-02T16:28:40.750Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite:6.16::el8"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-foreman_kubevirt",
            "product": "Red Hat Satellite 6.16 for RHEL 8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.2.0-2.el8sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite:6.16::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-foreman_kubevirt",
            "product": "Red Hat Satellite 6.16 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.2.0-2.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "foreman",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:3.14.0.14-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "libcomps",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.1.23-0.3.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "python-brotli",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.2.0-0.1.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "python-django",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:4.2.28-0.1.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "python-pulp-container",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:2.22.3-1.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "python-pulp-rpm",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:3.27.10-2.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-fog-kubevirt",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.5.1-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-foreman_kubevirt",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.4.3-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-katello",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:4.16.0.14-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-rubyipmi",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.13.0-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "satellite",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:6.17.7-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "yggdrasil-worker-forwarder",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.0.3-4.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite:6.18::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-foreman_kubevirt",
            "product": "Red Hat Satellite 6.18 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.4.3-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite:6"
            ],
            "defaultStatus": "affected",
            "packageName": "satellite:el8/rubygem-foreman_kubevirt",
            "product": "Red Hat Satellite 6",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-01-28T12:34:00.000Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-295",
                "description": "Improper Certificate Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-15T01:21:27.170Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-1531"
          },
          {
            "name": "RHBZ#2433786",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433786"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1531.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:5971"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:5970"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:5968"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:5971: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:5970: Red Hat Satellite 6.17 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:5968: Red Hat Satellite 6.18 for RHEL 9"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-01-28T12:50:13.269Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-01-28T12:34:00.000Z",
            "value": "Made public."
          }
        ],
        "title": "foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification",
        "workarounds": [
          {
            "lang": "en",
            "value": "To mitigate this issue, ensure that a Certificate Authority (CA) certificate is explicitly configured when setting up the connection to OpenShift in foreman_kubevirt. This will enable SSL verification and prevent Man-in-the-Middle attacks. Refer to the foreman_kubevirt documentation for specific instructions on configuring CA certificates. A restart or service reload may be required for the changes to take effect."
          }
        ],
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_capsule:6.16::el8",
            "cpe:/a:redhat:satellite_capsule:6.16::el9",
            "cpe:/a:redhat:satellite_utils:6.16::el8",
            "cpe:/a:redhat:satellite:6.16::el8",
            "cpe:/a:redhat:satellite_utils:6.16::el9",
            "cpe:/a:redhat:satellite:6.16::el9",
            "cpe:/a:redhat:satellite_maintenance:6.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-foreman_kubevirt",
          "product": "Red Hat Satellite 6.16 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.2.0-2.el8sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_capsule:6.16::el8",
            "cpe:/a:redhat:satellite_capsule:6.16::el9",
            "cpe:/a:redhat:satellite_utils:6.16::el8",
            "cpe:/a:redhat:satellite:6.16::el8",
            "cpe:/a:redhat:satellite_utils:6.16::el9",
            "cpe:/a:redhat:satellite:6.16::el9",
            "cpe:/a:redhat:satellite_maintenance:6.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-foreman_kubevirt",
          "product": "Red Hat Satellite 6.16 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.2.0-2.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.14.0.14-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "libcomps",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.23-0.3.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-brotli",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.0-0.1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-django",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.2.28-0.1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-pulp-container",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.22.3-1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-pulp-rpm",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.27.10-2.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-fog-kubevirt",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-foreman_kubevirt",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.4.3-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-katello",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.16.0.14-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-rubyipmi",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.13.0-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "satellite",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.17.7-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "yggdrasil-worker-forwarder",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.0.3-4.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.14.0.14-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "libcomps",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.23-0.3.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-brotli",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.0-0.1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-django",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.2.28-0.1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-pulp-container",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.22.3-1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-pulp-rpm",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.27.10-2.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-fog-kubevirt",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-foreman_kubevirt",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.4.3-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-katello",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.16.0.14-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-rubyipmi",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.13.0-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "satellite",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.17.7-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "yggdrasil-worker-forwarder",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.0.3-4.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_capsule:6.18::el9",
            "cpe:/a:redhat:satellite:6.18::el9",
            "cpe:/a:redhat:satellite_utils:6.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-foreman_kubevirt",
          "product": "Red Hat Satellite 6.18 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.4.3-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "satellite:el8/rubygem-foreman_kubevirt",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Evgeni Golov (Red Hat)."
        }
      ],
      "datePublic": "2026-01-28T12:34:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-26T23:00:06.609Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2026:5968",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:5968"
        },
        {
          "name": "RHSA-2026:5970",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:5970"
        },
        {
          "name": "RHSA-2026:5971",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:5971"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-1531"
        },
        {
          "name": "RHBZ#2433786",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433786"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-01-28T12:50:13.269Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-01-28T12:34:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this issue, ensure that a Certificate Authority (CA) certificate is explicitly configured when setting up the connection to OpenShift in foreman_kubevirt. This will enable SSL verification and prevent Man-in-the-Middle attacks. Refer to the foreman_kubevirt documentation for specific instructions on configuring CA certificates. A restart or service reload may be required for the changes to take effect."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-1531",
    "datePublished": "2026-02-02T05:47:09.570Z",
    "dateReserved": "2026-01-28T12:52:40.355Z",
    "dateUpdated": "2026-07-15T01:21:27.170Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1530 (GCVE-0-2026-1530)

Vulnerability from cvelistv5 – Published: 2026-02-02 05:47 – Updated: 2026-07-15 01:21
VLAI
Title
Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation
Summary
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:1.5.1-1.el8sat , < * (rpm)
    cpe:/a:redhat:satellite_capsule:6.16::el9
    cpe:/a:redhat:satellite_maintenance:6.16::el9
    cpe:/a:redhat:satellite_capsule:6.16::el8
    cpe:/a:redhat:satellite_utils:6.16::el8
    cpe:/a:redhat:satellite:6.16::el9
    cpe:/a:redhat:satellite:6.16::el8
    cpe:/a:redhat:satellite_utils:6.16::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_capsule:6.16::el9
    cpe:/a:redhat:satellite_maintenance:6.16::el9
    cpe:/a:redhat:satellite_capsule:6.16::el8
    cpe:/a:redhat:satellite_utils:6.16::el8
    cpe:/a:redhat:satellite:6.16::el9
    cpe:/a:redhat:satellite:6.16::el8
    cpe:/a:redhat:satellite_utils:6.16::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_utils:6.17::el9
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite:6.17::el9
    cpe:/a:redhat:satellite_capsule:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:1.5.1-1.el8sat , < * (rpm)
    cpe:/a:redhat:satellite:6.16::el8
Create a notification for this product.
Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite:6.16::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.14.0.14-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.1.23-0.3.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.2.0-0.1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.2.28-0.1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:2.22.3-1.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:3.27.10-2.el9pc , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:1.5.1-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.4.3-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:4.16.0.14-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.13.0-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:6.17.7-1.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Red Hat Red Hat Satellite 6.17 for RHEL 9 Unaffected: 0:0.0.3-4.el9sat , < * (rpm)
    cpe:/a:redhat:satellite_maintenance:6.17::el9
    cpe:/a:redhat:satellite_utils:6.17::el9
Create a notification for this product.
Date Public
2026-01-28 12:40
Credits
This issue was discovered by Evgeni Golov (Red Hat).
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1530",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-02T16:26:13.539148Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-02T16:28:31.327Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite:6.16::el8"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-fog-kubevirt",
            "product": "Red Hat Satellite 6.16 for RHEL 8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.5.1-1.el8sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite:6.16::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-fog-kubevirt",
            "product": "Red Hat Satellite 6.16 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.5.1-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "foreman",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:3.14.0.14-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "libcomps",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.1.23-0.3.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "python-brotli",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.2.0-0.1.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "python-django",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:4.2.28-0.1.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "python-pulp-container",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:2.22.3-1.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "python-pulp-rpm",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:3.27.10-2.el9pc",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-fog-kubevirt",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.5.1-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-foreman_kubevirt",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.4.3-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-katello",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:4.16.0.14-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rubygem-rubyipmi",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.13.0-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "satellite",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:6.17.7-1.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite_maintenance:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "yggdrasil-worker-forwarder",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:0.0.3-4.el9sat",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:satellite:6"
            ],
            "defaultStatus": "affected",
            "packageName": "satellite:el8/rubygem-fog-kubevirt",
            "product": "Red Hat Satellite 6",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-01-28T12:40:37.424Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-295",
                "description": "Improper Certificate Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-15T01:21:29.368Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-1530"
          },
          {
            "name": "RHBZ#2433784",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433784"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1530.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:5971"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:5970"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:5971: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:5970: Red Hat Satellite 6.17 for RHEL 9"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-01-28T12:39:43.076Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-01-28T12:40:37.424Z",
            "value": "Made public."
          }
        ],
        "title": "fog-kubevirt: fog-kubevirt: Man-in-the-Middle vulnerability due to disabled certificate validation",
        "workarounds": [
          {
            "lang": "en",
            "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
          }
        ],
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_capsule:6.16::el9",
            "cpe:/a:redhat:satellite_maintenance:6.16::el9",
            "cpe:/a:redhat:satellite_capsule:6.16::el8",
            "cpe:/a:redhat:satellite_utils:6.16::el8",
            "cpe:/a:redhat:satellite:6.16::el9",
            "cpe:/a:redhat:satellite:6.16::el8",
            "cpe:/a:redhat:satellite_utils:6.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-fog-kubevirt",
          "product": "Red Hat Satellite 6.16 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-1.el8sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_capsule:6.16::el9",
            "cpe:/a:redhat:satellite_maintenance:6.16::el9",
            "cpe:/a:redhat:satellite_capsule:6.16::el8",
            "cpe:/a:redhat:satellite_utils:6.16::el8",
            "cpe:/a:redhat:satellite:6.16::el9",
            "cpe:/a:redhat:satellite:6.16::el8",
            "cpe:/a:redhat:satellite_utils:6.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-fog-kubevirt",
          "product": "Red Hat Satellite 6.16 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.14.0.14-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "libcomps",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.23-0.3.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-brotli",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.0-0.1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-django",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.2.28-0.1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-pulp-container",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.22.3-1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-pulp-rpm",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.27.10-2.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-fog-kubevirt",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-foreman_kubevirt",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.4.3-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-katello",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.16.0.14-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-rubyipmi",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.13.0-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "satellite",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.17.7-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "yggdrasil-worker-forwarder",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.0.3-4.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.14.0.14-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "libcomps",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.23-0.3.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-brotli",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.0-0.1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-django",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.2.28-0.1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-pulp-container",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.22.3-1.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-pulp-rpm",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.27.10-2.el9pc",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-fog-kubevirt",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-foreman_kubevirt",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.4.3-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-katello",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.16.0.14-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rubygem-rubyipmi",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.13.0-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "satellite",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.17.7-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_utils:6.17::el9",
            "cpe:/a:redhat:satellite_maintenance:6.17::el9",
            "cpe:/a:redhat:satellite:6.17::el9",
            "cpe:/a:redhat:satellite_capsule:6.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "yggdrasil-worker-forwarder",
          "product": "Red Hat Satellite 6.17 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.0.3-4.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "satellite:el8/rubygem-fog-kubevirt",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Evgeni Golov (Red Hat)."
        }
      ],
      "datePublic": "2026-01-28T12:40:37.424Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-26T20:31:44.599Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2026:5970",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:5970"
        },
        {
          "name": "RHSA-2026:5971",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:5971"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-1530"
        },
        {
          "name": "RHBZ#2433784",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433784"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-01-28T12:39:43.076Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-01-28T12:40:37.424Z",
          "value": "Made public."
        }
      ],
      "title": "Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-1530",
    "datePublished": "2026-02-02T05:47:10.049Z",
    "dateReserved": "2026-01-28T12:41:52.835Z",
    "dateUpdated": "2026-07-15T01:21:29.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1068 (GCVE-0-2026-1068)

Vulnerability from cvelistv5 – Published: 2026-03-11 20:20 – Updated: 2026-03-12 16:19
VLAI
Summary
An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to obtain sensitive user data from the application.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
Lenovo FileZ Affected: 0 , < 10.12.3.0 (custom)
Create a notification for this product.
Lenovo FileZ Affected: 0 , < 11.1.0.35 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1068",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-12T15:35:53.611265Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T16:19:12.229Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "FileZ",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "10.12.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android"
          ],
          "product": "FileZ",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "11.1.0.35",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:lenovo:filez:*:*:windows:*:*:*:*:*",
                  "versionEndExcluding": "10.12.3.0",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:lenovo:filez:*:*:android:*:*:*:*:*",
                  "versionEndExcluding": "11.1.0.35",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to obtain sensitive user data from the application.\u0026nbsp;"
            }
          ],
          "value": "An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to obtain sensitive user data from the application."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295: Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T20:20:53.662Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "url": "https://www.filez.com/securityPolicy"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update\u0026nbsp;Lenovo\u0026nbsp;FileZ\u0026nbsp;Android\u0026nbsp;application to version\u0026nbsp;11.1.0.35\u0026nbsp;or\u0026nbsp;later.\u0026nbsp;"
            }
          ],
          "value": "Update\u00a0Lenovo\u00a0FileZ\u00a0Android\u00a0application to version\u00a011.1.0.35\u00a0or\u00a0later."
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eUpdate\u0026nbsp;Lenovo\u0026nbsp;FileZ Windows\u0026nbsp;application to version\u0026nbsp;10.12.3.0\u0026nbsp;or\u0026nbsp;later.\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "Update\u00a0Lenovo\u00a0FileZ Windows\u00a0application to version\u00a010.12.3.0\u00a0or\u00a0later."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 1.0.0-beta"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2026-1068",
    "datePublished": "2026-03-11T20:20:53.662Z",
    "dateReserved": "2026-01-16T19:33:39.508Z",
    "dateUpdated": "2026-03-12T16:19:12.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0872 (GCVE-0-2026-0872)

Vulnerability from cvelistv5 – Published: 2026-02-13 08:53 – Updated: 2026-02-13 12:47
VLAI
Title
Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon
Summary
Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
Impacted products
Vendor Product Version
Thales SafeNet Agent for Windows Logon Affected: 4.0.0
Affected: 4.1.1
Affected: 4.1.2
Create a notification for this product.
Date Public
2026-02-08 08:52
Credits
Huy Kha, Director of Security Research, and the team at Netwrix
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0872",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-13T12:47:11.793545Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-13T12:47:30.747Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "SafeNet Agent for Windows Logon",
          "vendor": "Thales",
          "versions": [
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.1.1"
            },
            {
              "status": "affected",
              "version": "4.1.2"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.0.0:*:windows:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.1.1:*:windows:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.1.2:*:windows:*:*:*:*:*",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Huy Kha, Director of Security Research, and the team at Netwrix"
        }
      ],
      "datePublic": "2026-02-08T08:52:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.\u003cp\u003eThis issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.\u003c/p\u003e"
            }
          ],
          "value": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-475",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-475 Signature Spoofing by Improper Validation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "exploitMaturity": "PROOF_OF_CONCEPT",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-13T08:53:05.621Z",
        "orgId": "9d5917ae-205d-4ae5-8749-1f49479b1395",
        "shortName": "THA-PSIRT"
      },
      "references": [
        {
          "tags": [
            "mitigation"
          ],
          "url": "https://thalesdocs.com/sta/agents/wla-windows_logon/wla-preinstallation_passwordless/index.html"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.thalesgroup.com/csm?sys_kb_id=247fd4a42b4a7290061af3f5f291bff1\u0026id=kb_article_view\u0026sysparm_rank=1\u0026sysparm_tsqueryId=5ecb72c73b927610381ecfaf55e45a0b\u0026sysparm_article=KB0030173"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade to version 4.1.3."
            }
          ],
          "value": "Upgrade to version 4.1.3."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9d5917ae-205d-4ae5-8749-1f49479b1395",
    "assignerShortName": "THA-PSIRT",
    "cveId": "CVE-2026-0872",
    "datePublished": "2026-02-13T08:53:05.621Z",
    "dateReserved": "2026-01-13T09:32:05.991Z",
    "dateUpdated": "2026-02-13T12:47:30.747Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0277 (GCVE-0-2026-0277)

Vulnerability from cvelistv5 – Published: 2026-07-09 19:14 – Updated: 2026-07-10 14:19
VLAI
Title
Prisma Access Agent: Improper Certificate Validation on iOS
Summary
An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Date Public
2026-07-08 16:00
Credits
our internal security research teams
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0277",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-10T14:19:46.628829Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-10T14:19:54.495Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "iOS"
          ],
          "product": "Prisma Access Agent",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "26.2.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "26.2.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux",
            "Windows",
            "macOS",
            "Android",
            "ChromeOS"
          ],
          "product": "Prisma Access Agent",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "value": "No special configuration is required to be affected by this issue."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access_agent:*:*:*:*:*:iOS:*:*",
                  "versionEndExcluding": "26.2.1",
                  "versionStartIncluding": "25.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "our internal security research teams"
        }
      ],
      "datePublic": "2026-07-08T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper certificate validation vulnerability in the Prisma\u00ae Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. \u003cbr\u003e\u003cbr\u003eThe Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected."
            }
          ],
          "value": "An improper certificate validation vulnerability in the Prisma\u00ae Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. \n\nThe Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected."
        }
      ],
      "exploits": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-94",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-94 Adversary in the Middle (AiTM)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "PASSIVE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-09T19:14:50.806Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0277"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n                                    \u003ctd\u003ePrisma Access Agent on iOS\u003cbr\u003e\u003c/td\u003e\n                                    \u003ctd\u003e25.0 through 26.2\u003c/td\u003e\n                                    \u003ctd\u003eUpgrade to 26.2.1 or later.\u003c/td\u003e\n                                \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on Linux\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on macOS\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on Android\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on ChromeOS\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "Version\nMinor Version\nSuggested Solution\n\n                                    Prisma Access Agent on iOS\n\n                                    25.0 through 26.2\n                                    Upgrade to 26.2.1 or later.\n                                Prisma Access Agent on Linux\nNo action needed.Prisma Access Agent on Windows\nNo action needed.Prisma Access Agent on macOS\nNo action needed.Prisma Access Agent on Android\nNo action needed.Prisma Access Agent on ChromeOS\nNo action needed."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-08T16:00:00.000Z",
          "value": "Initial Publication"
        }
      ],
      "title": "Prisma Access Agent: Improper Certificate Validation on iOS",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No known workarounds exist for this issue."
            }
          ],
          "value": "No known workarounds exist for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0277",
    "datePublished": "2026-07-09T19:14:50.806Z",
    "dateReserved": "2025-11-03T20:44:36.317Z",
    "dateUpdated": "2026-07-10T14:19:54.495Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0249 (GCVE-0-2026-0249)

Vulnerability from cvelistv5 – Published: 2026-05-13 18:32 – Updated: 2026-05-15 09:57
VLAI
Title
GlobalProtect App: Certificate Validation Bypass Vulnerabilities
Summary
Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software. The GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks GlobalProtect App Affected: 6.3.0 , < 6.3.3-h9 (6.3.3-999) (custom)
Affected: 6.2.0 , < 6.2.8-h10 (6.2.8-948) (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect App Affected: 6.1.0 , < 6.1.13 (custom)
Affected: 6.0.0 , < 6.0.14 (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect App Affected: 6.0.0 , < 6.0.13 (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect App Unaffected: All (custom)
Create a notification for this product.
Date Public
2026-05-13 16:00
Credits
Palo Alto Networks thanks Kakao Corp. Service Security Team and our internal security research teams for discovering and reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0249",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T03:56:08.016080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T09:57:30.206Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "macOS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.3.3-h9 (6.3.3-999)",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.3.3-h9 (6.3.3-999)",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.2.8-h10 (6.2.8-948)",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.2.8-h10 (6.2.8-948)",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android",
            "ChromeOS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.1.13",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.14",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "macOS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.0.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.13",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "Linux",
            "iOS",
            "Windows UWP"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe issue is applicable to the GlobalProtect app on macOS only if SAML authentication with an \u003ca href=\"https://docs.paloaltonetworks.com/globalprotect/administration/globalprotect-user-authentication/set-up-external-authentication/set-up-saml-authentication/enable-default-browser-for-saml-authentication-using-client-authentication-settings\"\u003eembedded browser is enabled\u003c/a\u003e. No special configuration is required for the GlobalProtect app on Android/Chrome OS to be affected by this issue.\u003c/p\u003e"
            }
          ],
          "value": "The issue is applicable to the GlobalProtect app on macOS only if SAML authentication with an embedded browser is enabled (https://docs.paloaltonetworks.com/globalprotect/administration/globalprotect-user-authentication/set-up-external-authentication/set-up-saml-authentication/enable-default-browser-for-saml-authentication-using-client-authentication-settings). No special configuration is required for the GlobalProtect app on Android/Chrome OS to be affected by this issue."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*",
                  "versionEndExcluding": "6.3.3-h9_(6.3.3-999)",
                  "versionStartIncluding": "6.3.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*",
                  "versionEndExcluding": "6.2.8-h10_(6.2.8-948)",
                  "versionStartIncluding": "6.2.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Android:*:*",
                  "versionEndExcluding": "6.1.13",
                  "versionStartIncluding": "6.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:ChromeOS:*:*",
                  "versionEndExcluding": "6.1.13",
                  "versionStartIncluding": "6.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Android:*:*",
                  "versionEndExcluding": "6.0.14",
                  "versionStartIncluding": "6.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:ChromeOS:*:*",
                  "versionEndExcluding": "6.0.14",
                  "versionStartIncluding": "6.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*",
                  "versionEndExcluding": "6.0.13",
                  "versionStartIncluding": "6.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "other",
          "value": "Palo Alto Networks thanks Kakao Corp. Service Security Team and our internal security research teams for discovering and reporting this issue."
        }
      ],
      "datePublic": "2026-05-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMultiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect\u2122 app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software.\u003cbr\u003e\u003cbr\u003eThe GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected.\u003c/p\u003e"
            }
          ],
          "value": "Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect\u2122 app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software.\n\nThe GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of these issues.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-94",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-94 Adversary in the Middle (AiTM)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-13T18:32:12.091Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0249"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on Android\u003c/td\u003e\u003ctd\u003e6.1.0 through 6.1.12\u003c/td\u003e\u003ctd\u003eUpgrade to 6.1.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Android\u003c/td\u003e\u003ctd\u003e6.0.0 through 6.0.13\u003c/td\u003e\u003ctd\u003eUpgrade to 6.0.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on Chrome OS\u003c/td\u003e\u003ctd\u003e6.1.0 through 6.1.12\u003c/td\u003e\u003ctd\u003eUpgrade to 6.1.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Chrome OS\u003c/td\u003e\u003ctd\u003e6.0.0 through 6.0.13\u003c/td\u003e\u003ctd\u003eUpgrade to 6.0.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.3 on macOS\u003c/td\u003e\u003ctd\u003e6.3.0 through 6.3.3-h8\u003c/td\u003e\u003ctd\u003eUpgrade to 6.3.3-h9 (6.3.3-999) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on macOS\u003c/td\u003e\u003ctd\u003e6.2.0 through 6.2.8-h9\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h10 (6.2.8-948) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on macOS\u003c/td\u003e\u003ctd\u003e6.0.0 through 6.0.12\u003c/td\u003e\u003ctd\u003eUpgrade to 6.0.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Windows\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Linux\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on iOS\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on UWP\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "Version                              Minor Version            Suggested Solution\nGlobalProtect App 6.1 on Android     6.1.0 through 6.1.12     Upgrade to 6.1.13 or later.\nGlobalProtect App 6.0 on Android     6.0.0 through 6.0.13     Upgrade to 6.0.14 or later.\nGlobalProtect App 6.1 on Chrome OS   6.1.0 through 6.1.12     Upgrade to 6.1.13 or later.\nGlobalProtect App 6.0 on Chrome OS   6.0.0 through 6.0.13     Upgrade to 6.0.14 or later.\nGlobalProtect App 6.3 on macOS       6.3.0 through 6.3.3-h8   Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.2 on macOS       6.2.0 through 6.2.8-h9   Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.0 on macOS       6.0.0 through 6.0.12     Upgrade to 6.0.13 or later.\nGlobalProtect App on Windows                                  No action needed.\nGlobalProtect App on Linux                                    No action needed.\nGlobalProtect App on iOS                                      No action needed.\nGlobalProtect App on UWP                                      No action needed."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-13T16:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "GlobalProtect App: Certificate Validation Bypass Vulnerabilities",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo known workarounds exist for this issue.\u003c/p\u003e"
            }
          ],
          "value": "No known workarounds exist for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0249",
    "datePublished": "2026-05-13T18:32:12.091Z",
    "dateReserved": "2025-11-03T20:44:09.928Z",
    "dateUpdated": "2026-05-15T09:57:30.206Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation
Architecture and Design Implementation

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

Mitigation
Implementation

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

CAPEC-459: Creating a Rogue Certification Authority Certificate

An adversary exploits a weakness resulting from using a hashing algorithm with weak collision resistance to generate certificate signing requests (CSR) that contain collision blocks in their "to be signed" parts. The adversary submits one CSR to be signed by a trusted certificate authority then uses the signed blob to make a second certificate appear signed by said certificate authority. Due to the hash collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the adversary's second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority.

CAPEC-475: Signature Spoofing by Improper Validation

An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.