← back
CVE-2026-1530

Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation

CVSS 8.1 HIGHEPSS 0.3%CWE-295
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected products
Red Hat · Red Hat Satellite 6Red Hat · Red Hat Satellite 6.16 for RHEL 8Red Hat · Red Hat Satellite 6.16 for RHEL 9Red Hat · Red Hat Satellite 6.17 for RHEL 9

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHSA-2026:5970https://access.redhat.com/errata/RHSA-2026:5971https://access.redhat.com/security/cve/CVE-2026-1530https://bugzilla.redhat.com/show_bug.cgi?id=2433784