Issued:: 2025-11-20
Updated:: 2025-11-20

RHSA-2025:21897 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: Satellite 6.15.5.7 Async Update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat Satellite 6.15 for RHEL 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.

Security Fix(es):

foreman: Satellite: GraphQL API permission bypass leads to information disclosure (CVE-2025-9572)

Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Satellite 6.15 x86_64
Red Hat Satellite Capsule 6.15 x86_64
Red Hat Enterprise Linux for x86_64 8 x86_64

Fixes

BZ - 2391715 - CVE-2025-9572 foreman: Satellite: GraphQL API permission bypass leads to information disclosure

CVEs

CVE-2025-9572

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Satellite 6.15

SRPM
foreman-3.9.1.14-1.el8sat.src.rpm	SHA-256: e9a27ec59fa86598aefbb3a2a203ada285321984c1f704cdf51b89114bc879a7
satellite-6.15.5.7-1.el8sat.src.rpm	SHA-256: 542f27c28719a95730d2c71e71f5d4fdc011dcbcaee795664219997d61949874
x86_64
foreman-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 4cc29a7eef28f82857d713e48b4e5923d09172d127bf7928c4827b28eaa1c50d
foreman-cli-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: cd5902ed69b1957cfe3ee6f134eb86e8c5e230e26c377e9eea58282079fd857e
foreman-debug-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 36aa439cf66edcb3ef8e845a18e96d3e14b355fddba3d6bb194fbc1db522463f
foreman-dynflow-sidekiq-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 1811c16acb1638fee3d23c01bfa8faf9cdfda50baf68dc1eb0330a4505bf5221
foreman-ec2-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: ca9487a9917a99380426f1db02ac2db9d6b6271ab499c3317c2ba52146099759
foreman-journald-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 3fcfb1d39f5540641fbfdb5328911bf81b4e92172ba4695a019b018c2bd4f9c9
foreman-libvirt-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 7acc94f34ca692ab2c5152218e0221a8205823e3a0ec208e21d7f0e407b05691
foreman-openstack-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 6e93396bbeb290ceaa402ed0e78ee38bd86b022b5050695867170ee17fd600b6
foreman-ovirt-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: e051eec01078e7c02182f1fd0cf5b1eaab50a3c0a26a15bfda39c6e00c51ae8f
foreman-pcp-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: efd3984a994549c9ec9a0ccd19326174d44d46d855ba765181ed904e278e9a13
foreman-postgresql-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 21a02039341768ff482e1665e00f35e846c70cc90082e7c089dd255fda1cbd3b
foreman-redis-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 6757c853de7c167f77c54564a43887a803e78e5be93cd1a938b6956b276d8cf6
foreman-service-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: c9da432d06b83ca37d595257c4c8d07c5e23f1b11cb8b2aef3f05595b970c85e
foreman-telemetry-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: e82306136224e2aab56d4ede687011d4bc884f0f77d8f0a3a76cdd363e4798ab
foreman-vmware-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: ee548197227ff178f53288eb79f8c91e597bdbd12b4b8dfe0fd54f6ff50e1d12
satellite-6.15.5.7-1.el8sat.noarch.rpm	SHA-256: 0ac5c6cca04d06b0caf29f1621a7db591ac65ad5a9421f2962feb81cf24df4fd
satellite-cli-6.15.5.7-1.el8sat.noarch.rpm	SHA-256: ef1025b6781dbed40f0ca08a82d790dd1cc4565e801e83ebbe3d72ccce6587fd
satellite-common-6.15.5.7-1.el8sat.noarch.rpm	SHA-256: f28f4d8b3f2e47a458ce0f5c3da463897ae94d95e9896450f25bde3b3bb7b673

Red Hat Satellite Capsule 6.15

SRPM
foreman-3.9.1.14-1.el8sat.src.rpm	SHA-256: e9a27ec59fa86598aefbb3a2a203ada285321984c1f704cdf51b89114bc879a7
satellite-6.15.5.7-1.el8sat.src.rpm	SHA-256: 542f27c28719a95730d2c71e71f5d4fdc011dcbcaee795664219997d61949874
x86_64
foreman-debug-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: 36aa439cf66edcb3ef8e845a18e96d3e14b355fddba3d6bb194fbc1db522463f
foreman-pcp-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: efd3984a994549c9ec9a0ccd19326174d44d46d855ba765181ed904e278e9a13
satellite-capsule-6.15.5.7-1.el8sat.noarch.rpm	SHA-256: deed74ed15083856ad23d3c88e41ba7429689cf42a77d92453790aabad707601
satellite-common-6.15.5.7-1.el8sat.noarch.rpm	SHA-256: f28f4d8b3f2e47a458ce0f5c3da463897ae94d95e9896450f25bde3b3bb7b673

Red Hat Enterprise Linux for x86_64 8

SRPM
foreman-3.9.1.14-1.el8sat.src.rpm	SHA-256: e9a27ec59fa86598aefbb3a2a203ada285321984c1f704cdf51b89114bc879a7
satellite-6.15.5.7-1.el8sat.src.rpm	SHA-256: 542f27c28719a95730d2c71e71f5d4fdc011dcbcaee795664219997d61949874
x86_64
foreman-cli-3.9.1.14-1.el8sat.noarch.rpm	SHA-256: cd5902ed69b1957cfe3ee6f134eb86e8c5e230e26c377e9eea58282079fd857e
satellite-cli-6.15.5.7-1.el8sat.noarch.rpm	SHA-256: ef1025b6781dbed40f0ca08a82d790dd1cc4565e801e83ebbe3d72ccce6587fd

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation