VDB

GHSA-hfcp-477w-3wjw

GHSA-hfcp-477w-3wjw PUBLISHED CVSS 8.300000190734863 HIGH

A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.

Risk Scores

CVSS 3.1
8.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

Affected Products

VendorProductVersions
Red Hat

Timeline

  • CVE Published
  • Mar 2, 2026 Security Advisory
  • Mar 28, 2026 Distribution Patch
  • Mar 28, 2026 Distribution Patch
  • Mar 28, 2026 Distribution Patch
Open in Interactive Console →
$ Console Community · 100/wk Open console ›