CVE-2026-0980 (GCVE-0-2026-0980)
Vulnerability from cvelistv5
Published
2026-02-27 07:30
Modified
2026-03-26 23:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Red Hat | Red Hat Satellite 6.16 for RHEL 8 |
Unaffected: 0:0.13.0-0.1.el8sat < * cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite:6.16::el9 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0980",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T16:50:09.223915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T18:49:02.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.16::el8",
"cpe:/a:redhat:satellite_capsule:6.16::el9",
"cpe:/a:redhat:satellite_utils:6.16::el8",
"cpe:/a:redhat:satellite_utils:6.16::el9",
"cpe:/a:redhat:satellite_capsule:6.16::el8",
"cpe:/a:redhat:satellite_maintenance:6.16::el9",
"cpe:/a:redhat:satellite:6.16::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-rubyipmi",
"product": "Red Hat Satellite 6.16 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.13.0-0.1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.16::el8",
"cpe:/a:redhat:satellite_capsule:6.16::el9",
"cpe:/a:redhat:satellite_utils:6.16::el8",
"cpe:/a:redhat:satellite_utils:6.16::el9",
"cpe:/a:redhat:satellite_capsule:6.16::el8",
"cpe:/a:redhat:satellite_maintenance:6.16::el9",
"cpe:/a:redhat:satellite:6.16::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-rubyipmi",
"product": "Red Hat Satellite 6.16 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.13.0-0.1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.16::el8",
"cpe:/a:redhat:satellite_capsule:6.16::el9",
"cpe:/a:redhat:satellite_utils:6.16::el8",
"cpe:/a:redhat:satellite_utils:6.16::el9",
"cpe:/a:redhat:satellite_capsule:6.16::el8",
"cpe:/a:redhat:satellite_maintenance:6.16::el9",
"cpe:/a:redhat:satellite:6.16::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-rubyipmi",
"product": "Red Hat Satellite 6.16 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.13.0-0.1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.16::el8",
"cpe:/a:redhat:satellite_capsule:6.16::el9",
"cpe:/a:redhat:satellite_utils:6.16::el8",
"cpe:/a:redhat:satellite_utils:6.16::el9",
"cpe:/a:redhat:satellite_capsule:6.16::el8",
"cpe:/a:redhat:satellite_maintenance:6.16::el9",
"cpe:/a:redhat:satellite:6.16::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-rubyipmi",
"product": "Red Hat Satellite 6.16 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.13.0-0.1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.14.0.14-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "libcomps",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.1.23-0.3.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "python-brotli",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.2.0-0.1.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "python-django",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.2.28-0.1.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "python-pulp-container",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.22.3-1.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "python-pulp-rpm",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.27.10-2.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-fog-kubevirt",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.1-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-foreman_kubevirt",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.4.3-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-katello",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.16.0.14-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-rubyipmi",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.13.0-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "satellite",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.17.7-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "yggdrasil-worker-forwarder",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.0.3-4.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.14.0.14-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "libcomps",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.1.23-0.3.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "python-brotli",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.2.0-0.1.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "python-django",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.2.28-0.1.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "python-pulp-container",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.22.3-1.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "python-pulp-rpm",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.27.10-2.el9pc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-fog-kubevirt",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.1-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-foreman_kubevirt",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.4.3-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-katello",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.16.0.14-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-rubyipmi",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.13.0-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "satellite",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.17.7-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.17::el9",
"cpe:/a:redhat:satellite:6.17::el9",
"cpe:/a:redhat:satellite_utils:6.17::el9",
"cpe:/a:redhat:satellite_capsule:6.17::el9"
],
"defaultStatus": "affected",
"packageName": "yggdrasil-worker-forwarder",
"product": "Red Hat Satellite 6.17 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.0.3-4.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9",
"cpe:/a:redhat:satellite_utils:6.18::el9",
"cpe:/a:redhat:satellite_capsule:6.18::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-rubyipmi",
"product": "Red Hat Satellite 6.18 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.13.0-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9",
"cpe:/a:redhat:satellite_utils:6.18::el9",
"cpe:/a:redhat:satellite_capsule:6.18::el9"
],
"defaultStatus": "affected",
"packageName": "rubygem-rubyipmi",
"product": "Red Hat Satellite 6.18 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.13.0-1.el9sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"packageName": "satellite:el8/rubygem-rubyipmi",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
}
],
"datePublic": "2020-01-15T08:08:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-26T23:10:23.847Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2026:5968",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
},
{
"name": "RHSA-2026:5970",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5970"
},
{
"name": "RHSA-2026:5971",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5971"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-0980"
},
{
"name": "RHBZ#2429874",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429874"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-15T08:50:01.841Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2020-01-15T08:08:00.000Z",
"value": "Made public."
}
],
"title": "Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2026-0980",
"datePublished": "2026-02-27T07:30:42.657Z",
"dateReserved": "2026-01-15T08:53:56.962Z",
"dateUpdated": "2026-03-26T23:10:23.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-0980\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-27T16:50:09.223915Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-06T18:48:57.445Z\"}}], \"cna\": {\"title\": \"Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:satellite:6.16::el8\", \"cpe:/a:redhat:satellite_capsule:6.16::el9\", \"cpe:/a:redhat:satellite_utils:6.16::el8\", \"cpe:/a:redhat:satellite_utils:6.16::el9\", \"cpe:/a:redhat:satellite_capsule:6.16::el8\", \"cpe:/a:redhat:satellite_maintenance:6.16::el9\", \"cpe:/a:redhat:satellite:6.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.16 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.13.0-0.1.el8sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.16::el8\", \"cpe:/a:redhat:satellite_capsule:6.16::el9\", \"cpe:/a:redhat:satellite_utils:6.16::el8\", \"cpe:/a:redhat:satellite_utils:6.16::el9\", \"cpe:/a:redhat:satellite_capsule:6.16::el8\", \"cpe:/a:redhat:satellite_maintenance:6.16::el9\", \"cpe:/a:redhat:satellite:6.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.16 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.13.0-0.1.el8sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.16::el8\", \"cpe:/a:redhat:satellite_capsule:6.16::el9\", \"cpe:/a:redhat:satellite_utils:6.16::el8\", \"cpe:/a:redhat:satellite_utils:6.16::el9\", \"cpe:/a:redhat:satellite_capsule:6.16::el8\", \"cpe:/a:redhat:satellite_maintenance:6.16::el9\", \"cpe:/a:redhat:satellite:6.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.16 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.13.0-0.1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.16::el8\", \"cpe:/a:redhat:satellite_capsule:6.16::el9\", \"cpe:/a:redhat:satellite_utils:6.16::el8\", \"cpe:/a:redhat:satellite_utils:6.16::el9\", \"cpe:/a:redhat:satellite_capsule:6.16::el8\", \"cpe:/a:redhat:satellite_maintenance:6.16::el9\", \"cpe:/a:redhat:satellite:6.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.16 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.13.0-0.1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.14.0.14-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"foreman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.1.23-0.3.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libcomps\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.2.0-0.1.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"python-brotli\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.2.28-0.1.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"python-django\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.22.3-1.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"python-pulp-container\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.27.10-2.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"python-pulp-rpm\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.1-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-fog-kubevirt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.4.3-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-foreman_kubevirt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.16.0.14-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-katello\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.13.0-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.17.7-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"satellite\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.0.3-4.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"yggdrasil-worker-forwarder\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.14.0.14-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"foreman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.1.23-0.3.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libcomps\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.2.0-0.1.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"python-brotli\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.2.28-0.1.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"python-django\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.22.3-1.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"python-pulp-container\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.27.10-2.el9pc\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"python-pulp-rpm\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.1-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-fog-kubevirt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.4.3-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-foreman_kubevirt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.16.0.14-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-katello\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.13.0-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.17.7-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"satellite\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite_maintenance:6.17::el9\", \"cpe:/a:redhat:satellite:6.17::el9\", \"cpe:/a:redhat:satellite_utils:6.17::el9\", \"cpe:/a:redhat:satellite_capsule:6.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.17 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.0.3-4.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"yggdrasil-worker-forwarder\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.18::el9\", \"cpe:/a:redhat:satellite_utils:6.18::el9\", \"cpe:/a:redhat:satellite_capsule:6.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.18 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.13.0-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.18::el9\", \"cpe:/a:redhat:satellite_utils:6.18::el9\", \"cpe:/a:redhat:satellite_capsule:6.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.18 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.13.0-1.el9sat\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"packageName\": \"satellite:el8/rubygem-rubyipmi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-01-15T08:50:01.841Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2020-01-15T08:08:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2020-01-15T08:08:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2026:5968\", \"name\": \"RHSA-2026:5968\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5970\", \"name\": \"RHSA-2026:5970\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5971\", \"name\": \"RHSA-2026:5971\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2026-0980\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2429874\", \"name\": \"RHBZ#2429874\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-03-26T23:10:23.847Z\"}, \"x_redhatCweChain\": \"CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-0980\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-26T23:10:23.847Z\", \"dateReserved\": \"2026-01-15T08:53:56.962Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2026-02-27T07:30:42.657Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…