Lucene search
K

11 matches found

NVD
NVD
added 2026/06/23 9:17 p.m.11 views

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS0.00152EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 9:16 p.m.7 views

CVE-2026-12112

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS0.00153EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:53 p.m.5 views

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/23 7:53 p.m.8 views

CVE-2026-9073 Foreman-mcp-server: mcp server: insecure sensitive http header sanitization

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 7:53 p.m.8 views

CVE-2026-9073

Foreman-mcp-server (MCP server) contains a log-related vulnerability that can leak sensitive credentials via log files. Two separate logging paths are involved: (1) session identifiers are logged at informational level and treated as authentication credentials, and (2) debug logging partially san...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/23 7:53 p.m.7 views

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS5.7AI score0.00152EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:40 p.m.5 views

CVE-2026-12112

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS5.9AI score0.00153EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/23 7:40 p.m.6 views

CVE-2026-12112

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.13 views

PT-2026-51592

Name of the Vulnerable Software and Affected Versions foreman-mcp-server affected versions not specified Description Two distinct logging mechanisms in the software can expose sensitive session and authentication data. One mechanism logs session identifiers, which function as authentication...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.9 views

PT-2026-51588

Name of the Vulnerable Software and Affected Versions foreman-mcp-server affected versions not specified Red Hat Satellite affected versions not specified Description A session management issue in the MCP Server allows unauthenticated attackers to hijack active administrative sessions. This occur...

7.8CVSS5.9AI score0.00153EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/03 8:30 p.m.26 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

10CVSS6.7AI score0.01438EPSS
Exploits3References7
Rows per page
Query Builder